Astra Linux - уязвимость в exiv2

In Exiv2 through 0.27.1, a vulnerability in CiffDirectory::readDirectory allows for integer overflow and out-of-bounds reads. This vulnerability enables an attacker to cause a denial of service SIGSEGV by using a crafted CRW image file...

[SECURITY] Fedora 44 Update: LibRaw-0.22.1-1.fc44

LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future...

ROS-20260320-73-0001

A vulnerability in the LibRaw::stretch function of the LibRaw image processing library is related to an operation exceeding buffer boundaries in memory when processing CRW files. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVE-2011-0193

Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Canon RAW image...

EUVD-2009-1723

Malware in sbrugna...

EUVD-2011-0219

Malware in sbrugna...

EUVD-2006-0399

Malware in sbrugna...

The vulnerability relates to the implementation of syntactic analysis for CR3-files in the plugin for viewing RAW images. This allows an attacker to execute arbitrary code.

The vulnerability of the CR3-file syntax analysis implementation for viewing RAW images is related to errors in data type conversion. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created malicious web page or a specially created malicious file...

PT-2020-5978 · Microsoft · Raw Image Extension

Name of the Vulnerable Software and Affected Versions: Raw Image Extension affected versions not specified Description: The issue is related to errors in data type conversion during the parsing of CR3 files by the Raw Image Extension plugin. This can be exploited by an attacker to execute arbitra...

Foxit Studio Photo Information Disclosure Vulnerability (CNVD-2020-59773)

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. An information disclosure vulnerability exists in the handling of CR2 files in Foxit Studio Photo 3.6.6.930 and earlier versions. The vulnerability stems from a lack of proper validation of user-supplied...

Low: exiv2

Issue Overview: An out of bounds read vulnerability was discovered in the way exiv2 parses Canon raw format CRW images. An application that uses exiv2 library to parse untrusted images may be vulnerable to this flaw, which could be used by an attacker to extract data from the application's memory...

exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of size check

An out of bounds read vulnerability was discovered in the way exiv2 parses Canon raw format CRW images. An application that uses exiv2 library to parse untrusted images may be vulnerable to this flaw, which could be used by an attacker to extract data from the application's memory or make it cras...

USN-4056-1 exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain PSD files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-19107, CVE-2018-19108 It was discovered that Exiv2 incorrectly handled certain PNG files. An attacker could possibly use this issue to cause a denia...

CVE-2019-13110

A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted CRW image file...

UBUNTU-CVE-2019-13110

A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted CRW image file...

CVE-2013-5357

Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag...

CVE-2013-5349

Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size...

Integer overflow

Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a long TIFF StripByteCounts tag...

Integer overflow

Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size...

CVE-2013-5349

Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as demonstrated using a Canon RAW CR2 file with a large JPEG tag value and a small size...