30 matches found
SUSE CVE-2019-13110
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted CRW image file...
SUSE CVE-2019-17402
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
Denial Of Service (DoS)
libexiv2.so is vulnerable to denial of service. The vulnerability exists in the CiffDirectory::readDirectory function of crwimageint.cpp due to integer overflows which allows an attacker to cause an application crash by providing malicious input...
exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of size check
An out of bounds read vulnerability was discovered in the way exiv2 parses Canon raw format CRW images. An application that uses exiv2 library to parse untrusted images may be vulnerable to this flaw, which could be used by an attacker to extract data from the application's memory or make it cras...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-1995)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : exiv2 (EulerOS-SA-2020-1003)
According to the versions of the exiv2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service excessive memory...
CVE-2018-17581
CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...
ALPINE-CVE-2019-17402
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
AZL-7204 CVE-2019-17402 affecting package exiv2 for versions less than 0.27.5-1
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
CVE-2019-17402
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
CVE-2019-17402
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
PT-2019-5691 · Exiv2 +8 · Exiv2 +8
Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.27.2 Description: The issue is related to a lack of validation in the Exiv2 library, specifically in the crwimage int.cpp module, which can lead to a crash when the getULong function is called from CiffDirectory::readDirectory...
EulerOS 2.0 SP3 : exiv2 (EulerOS-SA-2019-1995)
According to the version of the exiv2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEG...
Denial Of Service (DoS)
exiv2 is vulnerable to denial of service. The vulnerability exists through a stack overflow issue in CiffDirectory::readDirectory at crwimageint.cpp which allows an attacker to crash the application via malicious input...
exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service
CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...
CVE-2019-13110
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted CRW image file...
ALPINE-CVE-2019-13110
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted CRW image file...
CVE-2019-13110
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted CRW image file...
Integer overflow
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted CRW image file...
CVE-2019-13110
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted CRW image file...