11 matches found
The vulnerability of the Jp2Image::readMetadata() function in the jp2image.cpp component of the Exiv2 media metadata management library is related to the occurrence of operations outside the buffer in memory. This vulnerability allows an attacker to access confidential data and also trigger a service failure.
The vulnerability of the Jp2Image::readMetadata function in the jp2image.cpp component of the Exiv2 media metadata management library is related to an improper check on the rawData.size property. Exploiting this vulnerability could allow a remote attacker to access confidential data, as well as...
Buffer Overflow
exiv2 is vulnerable to buffer overflow. The vulnerability exists due to improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...
CVE-2021-3482
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...
CVE-2021-3482
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...
CVE-2021-3482
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...
CVE-2021-3482
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...
Denial Of Service (DoS)
libexif is vulnerable to denial of service. The exifentrygetvalue function in exif-entry.c does not properly process Exif tags, allowing a remote attacker to crash the process or obtain confidential information in an out-of-bounds read via a malicious EXIF tag in an image...
Invalid Memory Dereference
libexiv2.so is vulnerable to invalid memory address dereference attacks. The vulnerability exists in Exiv2::StringValueBase::read of value.cpp while parsing an image with malicious exif values, causing a denial of service DoS attack...
4Images <= 1.7.1 (Local Inclusion) Remote Code Execution Exploit
No description provided by source. ?php ----4images171inclxpl.php 6.45 26/02/2006 4Images = 1.7.1 remote commands execution through arbitrary local inclusion coded by rgod site: http://retrogod.altervista.org - this works regardless of magicquotesgpc settings Sun-Tzu: Having doomed spies, doing...
[USN-91-1] EXIF library vulnerability
=========================================================== Ubuntu Security Notice USN-91-1 March 07, 2005 libexif vulnerabilities https://bugzilla.ubuntulinux.org/7152 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10...
USN-91-1: EXIF library vulnerability
Sylvain Defresne discovered that the EXIF library did not properly validate the structure of the EXIF tags. By tricking a user to load an image with a malicious EXIF tag, an attacker could exploit this to crash the process using the library, or even execute arbitrary code with the privileges of t...