83 matches found
EUVD-2007-6319
Malware in sbrugna...
EUVD-2007-6320
Malware in sbrugna...
EUVD-2012-2792
Malware in sbrugna...
EUVD-2016-1346
Malware in sbrugna...
Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
...
PT-2025-4863 · Unknown · Exif Viewer Classic
Name of the Vulnerable Software and Affected Versions: EXIF Viewer Classic versions 2.3.2 through 2.4.0 Description: The issue is caused by improper handling of EXIF meta data, leading to a cross-site scripting vulnerability. When an image is rendered and crafted EXIF meta data is processed, an...
SUSE CVE-2005-0664
Buffer overflow in the EXIF library libexif 0.6.9 does not properly validate the structure of the EXIF tags, which allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a JPEG image with a crafted EXIF tag...
SUSE CVE-2007-2645
Integer overflow in the exifdataloaddataentry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted EXIF data, involving the 1 doff or 2 s variable...
SUSE CVE-2007-6351
libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service infinite recursion via an image file with crafted EXIF tags, possibly involving the exifloaderwrite function in exifloader.c...
SUSE CVE-2012-2814
Buffer overflow in the exifentryformatvalue function in exif-entry.c in the EXIF Tag Parsing Library aka libexif 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image...
SUSE CVE-2012-2836
The exifdataloaddata function in exif-data.c in the EXIF Tag Parsing Library aka libexif before 0.6.21 allows remote attackers to cause a denial of service out-of-bounds read or possibly obtain sensitive information from process memory via crafted EXIF tags in an image...
DEBIAN-CVE-2021-3482
A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data...
Denial Of Service (DoS)
jhead is vulnerable to Denial of service. An attacker is able to execute arbitrary code or cause a denial of service out-of-bounds access via crafted EXIF data...
Denial Of Service (DoS)
rh-php70-php is vulnerable to denial of service DoS attacks. The vulnerability exists as the exifconvertanytoint function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service application crash via crafted EXIF da...
openSUSE Security Update : jhead (openSUSE-2018-1044)
This update for jhead fixes the following security issues : - CVE-2016-3822: jhead remote attackers to execute arbitrary code or cause a denial of service out-of-bounds access via crafted EXIF data bsc1108480. - CVE-2018-16554: The ProcessGpsInfo function may have allowed a remote attacker to cau...
Security update for jhead (moderate)
This update for jhead fixes the following security issues: - CVE-2016-3822: jhead remote attackers to execute arbitrary code or cause a denial of service out-of-bounds access via crafted EXIF data bsc1108480. - CVE-2018-16554: The ProcessGpsInfo function may have allowed a remote attacker to caus...
CVE-2016-10158
The exifconvertanytoint function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service application crash via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1...
CVE-2016-10158
The exifconvertanytoint function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service application crash via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1...
CVE-2016-10158
Removed by vendor...
CVE-2016-10158
The exifconvertanytoint function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service application crash via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1...