22 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-11683
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of servic...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Exiv2 vulnerabilities (USN-3852-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3852-1 advisory. It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of...
Debian dla-3186 : exiv2 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3186 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3186-1 [email protected]...
[SECURITY] [DLA 3186-1] exiv2 security update
Debian LTS Advisory DLA-3186-1 [email protected] https://www.debian.org/lts/security/ Dominik George November 10, 2022 https://wiki.debian.org/LTS Package : exiv2 Version : 0.25-4+deb10u3 CVE ID : CVE-2017-11683 CVE-2020-19716 CVE-2022-3756 Debian Bug : 876893 Three vulnerabilities have...
Mageia: Security Advisory (MGASA-2017-0391)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3882-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3882-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2375)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2710)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : exiv2 (openSUSE-2019-504)
This update for exiv2 to 0.26 fixes the following security issues : - CVE-2017-14864: Prevent invalid memory address dereference in Exiv2::getULong that could have caused a segmentation fault and application crash, which leads to denial of service bsc1060995. - CVE-2017-14862: Prevent invalid...
SUSE SLED12 / SLES12 Security Update : exiv2 (SUSE-SU-2018:3882-2)
This update for exiv2 fixes the following issues : CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. bsc1050257 CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong in...
SUSE SLED12 / SLES12 Security Update : exiv2 (SUSE-SU-2018:3882-1)
This update for exiv2 fixes the following issues : CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. bsc1050257 CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong in...
SUSE-SU-2018:3882-1 Security update for exiv2
This update for exiv2 fixes the following issues: - CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. bsc1050257 - CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong i...
openSUSE Security Update : exiv2 (openSUSE-2018-727)
This update for exiv2 to 0.26 fixes the following security issues : - CVE-2017-14864: Prevent invalid memory address dereference in Exiv2::getULong that could have caused a segmentation fault and application crash, which leads to denial of service bsc1060995. - CVE-2017-14862: Prevent invalid...
Security update for exiv2 (moderate)
This update for exiv2 to 0.26 fixes the following security issues: - CVE-2017-14864: Prevent invalid memory address dereference in Exiv2::getULong that could have caused a segmentation fault and application crash, which leads to denial of service bsc1060995. - CVE-2017-14862: Prevent invalid memo...
Debian: Security Advisory (DLA-1147-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-1147-1 : exiv2 security update
The exiv2 library is vulnerable to multiple issues that can all lead to denial of service of the applications relying on the library to parse images' metadata. CVE-2017-11591 Denial of service via floating point exception in the Exiv2::ValueType function. CVE-2017-11683 Denial of service through...
[SECURITY] [DLA 1147-1] exiv2 security update
Package : exiv2 Version : 0.23-1+deb7u2 CVE ID : CVE-2017-11591 CVE-2017-11683 CVE-2017-14859 CVE-2017-14862 CVE-2017-14864 Debian Bug : 876893 The exiv2 library is vulnerable to multiple issues that can all lead to denial of service of the applications relying on the library to parse images...
CVE-2017-11683
There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input...
CVE-2017-11683
There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input...