2682 matches found
UBUNTU-CVE-2017-9239
An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue to 0x0, and the value of pValue is 0x0. TiffImageEntry::doWriteImage will use the value of pValue to cause a segmentation fault. To exploit this vulnerability, someone must...
MGASA-2016-0101 Updated exempi exiv2 packages fix security vulnerability
exempi contains code to protect against a denial-service-attack related to XML entity expansion "billion laughs attack", but it was not compiled into the Mageia package because BanAllEntityUsage was not defined when the package was compiled. This has been corrected by recompiling it with the...
Updated exempi exiv2 packages fix security vulnerability
exempi contains code to protect against a denial-service-attack related to XML entity expansion "billion laughs attack", but it was not compiled into the Mageia package because BanAllEntityUsage was not defined when the package was compiled. This has been corrected by recompiling it with the...
Fedora 22 : exiv2-0.24-5.fc22 (2016-ff39572e31)
Avoid possible XML entity expansion security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
[SECURITY] Fedora 22 Update: exiv2-0.24-5.fc22
A command line utility to access image metadata, allowing one to: print the Exif metadata of Jpeg images as summary info, interpreted value s, or the plain data for each tag print the Iptc metadata of Jpeg images print the Jpeg comment of Jpeg images set, add and delete Exif and Iptc metadata of...
Fedora 23 : exiv2-0.25-3.fc23 (2016-f802cade15)
Avoid possible XML entity expansion security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Gentoo Security Advisory GLSA 201507-03
Gentoo Linux Local Security Checks GLSA 201507-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
GLSA-201507-03 : Exiv2: Denial of Service
The remote host is affected by the vulnerability described in GLSA-201507-03 Exiv2: Denial of Service Exiv2 has a buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp. Impact : A remote attacker could possibly cause a Denial of Service condition via a specially crafted AVI...
Exiv2: Denial of service
Background Exiv2 is a C++ library and a command line utility to manage image metadata. Description Exiv2 has a buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp. Impact A remote attacker could possibly cause a Denial of Service condition via a specially crafted AVI file...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the exiv2 package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Ubuntu: Security Advisory (USN-2454-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for exiv2 FEDORA-2015-0301
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : exiv2-0.24-4.fc21 (2015-0301)
Security fix for CVE-2014-9449 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
MAT: Metadata Anonymisation Toolkit
MAT: Metadata Anonymisation Toolkit What is metadata? Metadata consists of information that characterizes data e.g. Word documents, pictures, music files, etc. In essence, metadata answers who, what, when, where, why, and how about every facet of the data that is being characterized. Why metadata...
[USN-2454-1] Exiv2 vulnerability
========================================================================== Ubuntu Security Notice USN-2454-1 January 07, 2015 exiv2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Ubuntu 14.10 : exiv2 vulnerability (USN-2454-1)
It was discovered that Exiv2 incorrectly handled certain tag values in video files. If a user or automated system were tricked into opening a specially crafted video file, a remote attacker could cause Exiv2 to crash, resulting in a denial of service. Note that Tenable Network Security has...
USN-2454-1: Exiv2 vulnerability
It was discovered that Exiv2 incorrectly handled certain tag values in video files. If a user or automated system were tricked into opening a specially-crafted video file, a remote attacker could cause Exiv2 to crash, resulting in a denial of service...
CVE-2014-9449
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service crash via a long IKEY INFO tag value in an AVI file...
CVE-2014-9449
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service crash via a long IKEY INFO tag value in an AVI file...
DEBIAN-CVE-2014-9449
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service crash via a long IKEY INFO tag value in an AVI file...