Lucene search
K

69 matches found

CNVD
CNVD
added 2019/07/29 12:0 a.m.3 views

Exiv2 heap buffer overflow vulnerability (CNVD-2019-24854)

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by Andreas Huggel programmers. The product provides the ability to read and write image metadata in a variety of formats including EXIF, IPTC and XMP. A buffer overflow vulnerability exists in the...

6.5CVSS7.4AI score0.01116EPSS
Exploits1References1
NVD
NVD
added 2019/07/28 7:15 p.m.22 views

CVE-2019-14369

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

6.5CVSS6.2AI score0.01116EPSS
Exploits1References2
OSV
OSV
added 2019/07/28 7:15 p.m.1 views

DEBIAN-CVE-2019-14369

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

6.5CVSS6.9AI score0.01116EPSS
Exploits1References1
Prion
Prion
added 2019/07/28 7:15 p.m.16 views

Heap overflow

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

4.3CVSS6.3AI score0.01116EPSS
Exploits1References2Affected Software2
PyPA
PyPA
added 2019/07/28 7:15 p.m.9 views

PYSEC-2019-245

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

6.5CVSS6.8AI score0.01116EPSS
Exploits1References4Affected Software1
UbuntuCve
UbuntuCve
added 2019/07/28 7:15 p.m.22 views

CVE-2019-14369

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

6.5CVSS6.9AI score0.01116EPSS
Exploits1References2
Cvelist
Cvelist
added 2019/07/28 12:0 a.m.26 views

CVE-2019-14369

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

6.7AI score0.01116EPSS
Exploits1References2
CVE
CVE
added 2019/07/28 12:0 a.m.142 views

CVE-2019-14369

CVE-2019-14369 : Exiv2 0.27.99.0’s PngImage::readMetadata() (pngimage.cpp) allows a crafted PNG image to trigger a heap-based buffer over-read, leading to a denial of service. Public documents corroborate this impact and indicate fixes in Exiv2 release 0.27.4 (and related patches in downstream di...

6.5CVSS6.2AI score0.01116EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2019/07/28 12:0 a.m.25 views

CVE-2019-14369

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

6.5CVSS6.6AI score0.01116EPSS
Exploits1
Veracode
Veracode
added 2019/07/01 5:55 a.m.22 views

Denial Of Service (DoS)

libexiv2.so is vulnerable to denial of service. The vulnerability exists due to an integer overflow in PngImage::readMetadata which mishandles a zero value for iccOffset allowing an attacker to crash the system via a SIGSEGV via a maliciously crafted PNG image file...

6.5CVSS6.4AI score0.01427EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2019/06/30 11:15 p.m.20 views

CVE-2019-13108

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset...

6.5CVSS6.4AI score0.01427EPSS
Exploits1References3
OSV
OSV
added 2019/06/30 11:15 p.m.4 views

DEBIAN-CVE-2019-13108

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset...

6.5CVSS7AI score0.01427EPSS
Exploits1References1
Prion
Prion
added 2019/06/30 11:15 p.m.27 views

Integer overflow

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction...

4.3CVSS6.3AI score0.01579EPSS
Exploits1References3Affected Software2
UbuntuCve
UbuntuCve
added 2019/06/30 11:15 p.m.23 views

CVE-2019-13108

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset...

6.5CVSS6.8AI score0.01427EPSS
Exploits1References3
Prion
Prion
added 2019/06/30 11:15 p.m.14 views

Integer overflow

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset...

4.3CVSS6.2AI score0.01427EPSS
Exploits1References3Affected Software2
AlpineLinux
AlpineLinux
added 2019/06/30 10:20 p.m.42 views

CVE-2019-13109

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction...

6.5CVSS6.5AI score0.01579EPSS
Exploits1
Cvelist
Cvelist
added 2019/06/30 10:20 p.m.24 views

CVE-2019-13109

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction...

6.4AI score0.01579EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/06/30 10:19 p.m.29 views

CVE-2019-13108

An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset...

6.3AI score0.01427EPSS
Exploits1References3
PyPA
PyPA
added 2018/12/12 10:29 a.m.8 views

PYSEC-2018-117

There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...

6.5CVSS7AI score0.02762EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2018/05/14 3:29 a.m.22 views

CVE-2018-11037

In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file...

6.5CVSS6.2AI score0.02363EPSS
Exploits1References3
Rows per page
Query Builder