Lucene search
+L

2682 matches found

OSV
OSV
added 2017/05/26 12:0 a.m.5 views

UBUNTU-CVE-2017-9239

An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue to 0x0, and the value of pValue is 0x0. TiffImageEntry::doWriteImage will use the value of pValue to cause a segmentation fault. To exploit this vulnerability, someone must...

6.5CVSS6.7AI score0.02645EPSS
Exploits0References4
OSV
OSV
added 2016/03/07 7:58 p.m.6 views

MGASA-2016-0101 Updated exempi exiv2 packages fix security vulnerability

exempi contains code to protect against a denial-service-attack related to XML entity expansion "billion laughs attack", but it was not compiled into the Mageia package because BanAllEntityUsage was not defined when the package was compiled. This has been corrected by recompiling it with the...

7.2AI score
Exploits0References3
Mageia
Mageia
added 2016/03/07 7:58 p.m.17 views

Updated exempi exiv2 packages fix security vulnerability

exempi contains code to protect against a denial-service-attack related to XML entity expansion "billion laughs attack", but it was not compiled into the Mageia package because BanAllEntityUsage was not defined when the package was compiled. This has been corrected by recompiling it with the...

2.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/03/07 12:0 a.m.10 views

Fedora 22 : exiv2-0.24-5.fc22 (2016-ff39572e31)

Avoid possible XML entity expansion security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

5.5AI score
Exploits0References2
Fedora
Fedora
added 2016/03/06 11:19 p.m.14 views

[SECURITY] Fedora 22 Update: exiv2-0.24-5.fc22

A command line utility to access image metadata, allowing one to: print the Exif metadata of Jpeg images as summary info, interpreted value s, or the plain data for each tag print the Iptc metadata of Jpeg images print the Jpeg comment of Jpeg images set, add and delete Exif and Iptc metadata of...

1.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.21 views

Fedora 23 : exiv2-0.25-3.fc23 (2016-f802cade15)

Avoid possible XML entity expansion security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

5.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.23 views

Gentoo Security Advisory GLSA 201507-03

Gentoo Linux Local Security Checks GLSA 201507-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

5CVSS8AI score0.03654EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/07/08 12:0 a.m.26 views

GLSA-201507-03 : Exiv2: Denial of Service

The remote host is affected by the vulnerability described in GLSA-201507-03 Exiv2: Denial of Service Exiv2 has a buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp. Impact : A remote attacker could possibly cause a Denial of Service condition via a specially crafted AVI...

5CVSS8.2AI score0.03654EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2015/07/07 12:0 a.m.27 views

Exiv2: Denial of service

Background Exiv2 is a C++ library and a command line utility to manage image metadata. Description Exiv2 has a buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp. Impact A remote attacker could possibly cause a Denial of Service condition via a specially crafted AVI file...

5CVSS6.8AI score0.03654EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the exiv2 package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS7.5AI score0.04871EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2015/01/23 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-2454-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.03654EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/01/22 12:0 a.m.28 views

Fedora Update for exiv2 FEDORA-2015-0301

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.03654EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/01/22 12:0 a.m.31 views

Fedora 21 : exiv2-0.24-4.fc21 (2015-0301)

Security fix for CVE-2014-9449 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

5CVSS7.8AI score0.03654EPSS
Exploits0References3
n0where
n0where
added 2015/01/19 5:51 p.m.64 views

MAT: Metadata Anonymisation Toolkit

MAT: Metadata Anonymisation Toolkit What is metadata? Metadata consists of information that characterizes data e.g. Word documents, pictures, music files, etc. In essence, metadata answers who, what, when, where, why, and how about every facet of the data that is being characterized. Why metadata...

0.6AI score
Exploits0References1
securityvulns
securityvulns
added 2015/01/13 12:0 a.m.48 views

[USN-2454-1] Exiv2 vulnerability

========================================================================== Ubuntu Security Notice USN-2454-1 January 07, 2015 exiv2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

5CVSS0.2AI score0.03654EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/01/08 12:0 a.m.28 views

Ubuntu 14.10 : exiv2 vulnerability (USN-2454-1)

It was discovered that Exiv2 incorrectly handled certain tag values in video files. If a user or automated system were tricked into opening a specially crafted video file, a remote attacker could cause Exiv2 to crash, resulting in a denial of service. Note that Tenable Network Security has...

5CVSS7.8AI score0.03654EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2015/01/07 5:52 p.m.49 views

USN-2454-1: Exiv2 vulnerability

It was discovered that Exiv2 incorrectly handled certain tag values in video files. If a user or automated system were tricked into opening a specially-crafted video file, a remote attacker could cause Exiv2 to crash, resulting in a denial of service...

5CVSS7.9AI score0.03654EPSS
Exploits0
NVD
NVD
added 2015/01/02 8:59 p.m.18 views

CVE-2014-9449

Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service crash via a long IKEY INFO tag value in an AVI file...

5CVSS7.3AI score0.03654EPSS
Exploits0References7
OSV
OSV
added 2015/01/02 8:59 p.m.5 views

CVE-2014-9449

Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service crash via a long IKEY INFO tag value in an AVI file...

6.8AI score
Exploits0References9
OSV
OSV
added 2015/01/02 8:59 p.m.4 views

DEBIAN-CVE-2014-9449

Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service crash via a long IKEY INFO tag value in an AVI file...

5CVSS8.2AI score0.03654EPSS
Exploits0References1
Rows per page
Query Builder