15 matches found
Ubuntu 16.04 ESM : ExifTool vulnerability (USN-4987-2)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4987-2 advisory. USN-4987-1 fixed a vulnerability in ExifTool. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the preceding description...
SUSE CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...
ExifTool 12.23 - Arbitrary Code Execution
Exploit Title: ExifTool 12.23 - Arbitrary Code Execution Date: 04/30/2022 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://exiftool.org/ Software Link: https://github.com/exiftool/exiftool/archive/refs/tags/12.23.zip Version: 7.44-12.23 Tested on: ExifTool 12.23 Debian CVE:...
ExifTool 12.23 Arbitrary Code Execution
Exploit Title: ExifTool 12.23 - Arbitrary Code Execution Date: 04/30/2022 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://exiftool.org/ Software Link: https://github.com/exiftool/exiftool/archive/refs/tags/12.23.zip Version: 7.44-12.23 Tested on: ExifTool 12.23 Debian CVE:...
USN-4987-2: ExifTool vulnerability
USN-4987-1 fixed a vulnerability in ExifTool. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that ExifTool did not properly sanitize user data for the DjVu file format. An attacker could use this vulnerability to cause a DoS or...
ExifTool Remote Code Execution Vulnerability
Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...
Ubuntu 18.04 LTS / 20.04 LTS : ExifTool vulnerability (USN-4987-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4987-1 advisory. It was discovered that ExifTool did not properly sanitize user data for the DjVu file format. An attacker could use this vulnerability to cause a DoS ...
DjVuLibre Denial of Service Vulnerability
DjVuLibre is an open source implementation of the DjVu computer file format, which includes a DjVu file viewer, browser plug-in, DjVu file decoder/encoder and other utilities.DjVuLibre suffers from a denial-of-service vulnerability that could be exploited by an attacker to cause an application to...
Remote Code Execution (RCE)
perl-image-exiftool is vulnerable to remote code execution. A lack of proper neutralization of user data in the DjVu file format in ExifTool allows an attacker to arbitrary code execution by sending a malicious image jpg, tiff, mp4 and many more...
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...
DEBIAN-CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...
Input validation
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image...
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
PT-2021-5828
Name of the Vulnerable Software and Affected Versions ExifTool versions 7.44 and up Description The issue is related to improper neutralization of user data in the DjVu file format, allowing arbitrary code execution when parsing malicious images. This could enable a remote attacker to access...