169 matches found
PYSEC-2018-141
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp called from psdimage.cpp in the PSD image reader may suffer from a denial of service heap-based buffer over-read caused by an integer overflow via a crafted PSD image file...
Exiv2 integer overflow vulnerability (CNVD-2019-07086)
Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. An integer overflow vulnerability in Exiv2::IptcParser::decode in iptc.cpp in Exiv2 0.26 can be exploited by an attacker to cause a denial of service via specially crafted PSD image files...
Apache Tika Denial of Service Vulnerability
Apache Tika is the United States Apache Apache Software Foundation, an integrated POI using Java programs to provide read and write Microsoft Office format documents open-source library, Pdfbox read and create PDF documents pure Java class library and for text extraction work provides a unified...
UBUNTU-CVE-2018-8017
In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser...
UBUNTU-CVE-2018-16750
In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found...
PT-2018-3614 · Exiv2 +7 · Exiv2 +7
Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.26 Description: The issue is related to the Exiv2::IptcParser::decode function in the iptc.cpp file, which may cause a denial of service due to a heap-based buffer over-read. This is caused by an integer overflow when processi...
[SECURITY] Fedora 27 Update: exiv2-0.26-12.fc27
A command line utility to access image metadata, allowing one to: print the Exif metadata of Jpeg images as summary info, interpreted value s, or the plain data for each tag print the Iptc metadata of Jpeg images print the Jpeg comment of Jpeg images set, add and delete Exif and Iptc metadata of...
[SECURITY] Fedora 28 Update: exiv2-0.26-12.fc28
A command line utility to access image metadata, allowing one to: print the Exif metadata of Jpeg images as summary info, interpreted value s, or the plain data for each tag print the Iptc metadata of Jpeg images print the Jpeg comment of Jpeg images set, add and delete Exif and Iptc metadata of...
[SECURITY] Fedora 27 Update: exiv2-0.26-10.fc27
A command line utility to access image metadata, allowing one to: print the Exif metadata of Jpeg images as summary info, interpreted value s, or the plain data for each tag print the Iptc metadata of Jpeg images print the Jpeg comment of Jpeg images set, add and delete Exif and Iptc metadata of...
[SECURITY] Fedora 28 Update: exiv2-0.26-10.fc28
A command line utility to access image metadata, allowing one to: print the Exif metadata of Jpeg images as summary info, interpreted value s, or the plain data for each tag print the Iptc metadata of Jpeg images print the Jpeg comment of Jpeg images set, add and delete Exif and Iptc metadata of...
Exiv2 IptcData::printStructure Information Disclosure Vulnerability
Exiv2 is a C++ library for extracting EXIF, LPTC and XMP metadata information from images. An information disclosure vulnerability exists in Exiv2 version 0.26 iptc.c/IptcData::printStructure, which can be exploited by an attacker to cause a crash or information disclosure...
CVE-2018-9305
In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case...
Exiv2 'Exiv2::IptcData::printStructure' function out-of-bounds read vulnerability
Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. An out-of-bounds read vulnerability exists in the...
CVE-2017-17724
An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of memory...
Exiv2 'Exiv2::IptcData::printStructure' function out-of-bounds read vulnerability
Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. An out-of-bounds read vulnerability exists in the...
PYSEC-2018-123
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file...
CVE-2017-16353
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile...
GraphicsMagick Multiple Vulnerabilities
Vulnerabilities summary The following advisory describes two 2 vulnerabilities found in GraphicsMagick. GraphicsMagick is “The swiss army knife of image processing. Comprised of 267K physical lines according to David A. Wheeler’s SLOCCount of source code in the base package or 1,225K including 3r...
GraphicsMagick Memory Disclosure / Heap Overflow
'''Vulnerabilities summary The following advisory describes two 2 vulnerabilities found in GraphicsMagick. GraphicsMagick is aThe swiss army knife of image processing. Comprised of 267K physical lines according to David A. Wheeleras SLOCCount of source code in the base package or 1,225K including...
GraphicsMagick - Memory Disclosure / Heap Overflow Exploit
Exploit for multiple platform in category dos / poc '''Vulnerabilities summary The following advisory describes two 2 vulnerabilities found in GraphicsMagick. GraphicsMagick is “The swiss army knife of image processing. Comprised of 267K physical lines according to David A. Wheeler’s SLOCCount of...