4 matches found
exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service
CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...
AZL-7204 CVE-2019-17402 affecting package exiv2 for versions less than 0.27.5-1
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
PT-2019-5691 · Exiv2 +8 · Exiv2 +8
Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.27.2 Description: The issue is related to a lack of validation in the Exiv2 library, specifically in the crwimage int.cpp module, which can lead to a crash when the getULong function is called from CiffDirectory::readDirectory...
exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service
CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...