Lucene search
K

11 matches found

BDU FSTEC
BDU FSTEC
added 2021/10/27 12:0 a.m.5 views

The vulnerability of the Jp2Image::readMetadata() function in the jp2image.cpp component of the Exiv2 media metadata management library is related to the occurrence of operations outside the buffer in memory. This vulnerability allows an attacker to access confidential data and also trigger a service failure.

The vulnerability of the Jp2Image::readMetadata function in the jp2image.cpp component of the Exiv2 media metadata management library is related to an improper check on the rawData.size property. Exploiting this vulnerability could allow a remote attacker to access confidential data, as well as...

6.5CVSS6.5AI score0.02295EPSS
Exploits0References12Affected Software6
Veracode
Veracode
added 2021/05/06 7:12 a.m.32 views

Buffer Overflow

exiv2 is vulnerable to buffer overflow. The vulnerability exists due to improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...

6.5CVSS4.5AI score0.02295EPSS
Exploits0References9Affected Software3
UbuntuCve
UbuntuCve
added 2021/04/08 11:15 p.m.30 views

CVE-2021-3482

A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...

6.5CVSS6.6AI score0.02295EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/04/08 10:6 p.m.35 views

CVE-2021-3482

A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...

7AI score0.02295EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2021/04/08 10:6 p.m.26 views

CVE-2021-3482

A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...

6.5CVSS6.7AI score0.02295EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/04/08 10:6 p.m.51 views

CVE-2021-3482

A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...

6.5CVSS7AI score0.02295EPSS
Exploits0
Veracode
Veracode
added 2019/01/15 8:57 a.m.24 views

Denial Of Service (DoS)

libexif is vulnerable to denial of service. The exifentrygetvalue function in exif-entry.c does not properly process Exif tags, allowing a remote attacker to crash the process or obtain confidential information in an out-of-bounds read via a malicious EXIF tag in an image...

6.4CVSS5.6AI score0.03859EPSS
Exploits0References10Affected Software1
Veracode
Veracode
added 2018/06/01 4:53 a.m.30 views

Invalid Memory Dereference

libexiv2.so is vulnerable to invalid memory address dereference attacks. The vulnerability exists in Exiv2::StringValueBase::read of value.cpp while parsing an image with malicious exif values, causing a denial of service DoS attack...

5.5CVSS6.1AI score0.01071EPSS
Exploits1References6Affected Software2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

4Images <= 1.7.1 (Local Inclusion) Remote Code Execution Exploit

No description provided by source. ?php ----4images171inclxpl.php 6.45 26/02/2006 4Images = 1.7.1 remote commands execution through arbitrary local inclusion coded by rgod site: http://retrogod.altervista.org - this works regardless of magicquotesgpc settings Sun-Tzu: Having doomed spies, doing...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2005/03/09 12:0 a.m.43 views

[USN-91-1] EXIF library vulnerability

=========================================================== Ubuntu Security Notice USN-91-1 March 07, 2005 libexif vulnerabilities https://bugzilla.ubuntulinux.org/7152 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10...

0.1AI score
Exploits0
Ubuntu
Ubuntu
added 2005/03/08 2:18 a.m.38 views

USN-91-1: EXIF library vulnerability

Sylvain Defresne discovered that the EXIF library did not properly validate the structure of the EXIF tags. By tricking a user to load an image with a malicious EXIF tag, an attacker could exploit this to crash the process using the library, or even execute arbitrary code with the privileges of t...

5.8AI score
Exploits0References1
Rows per page
Query Builder