16 matches found
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Exiv2 vulnerabilities (USN-3852-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3852-1 advisory. It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of...
[SECURITY] [DLA 3265-1] exiv2 security update
Debian LTS Advisory DLA-3265-1 [email protected] https://www.debian.org/lts/security/ Helmut Grohne January 10, 2023 https://wiki.debian.org/LTS Package : exiv2 Version : 0.25-4+deb10u4 CVE ID : CVE-2017-11591 CVE-2017-14859 CVE-2017-14862 CVE-2017-14864 CVE-2017-17669 CVE-2017-18005...
SUSE: Security Advisory (SUSE-SU-2018:3882-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3882-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2710)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2375)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 28 : exiv2 (2018-8b67a5c7e2)
Exiv2 update with security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
SUSE SLED12 / SLES12 Security Update : exiv2 (SUSE-SU-2018:3882-2)
This update for exiv2 fixes the following issues : CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. bsc1050257 CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong in...
SUSE SLED12 / SLES12 Security Update : exiv2 (SUSE-SU-2018:3882-1)
This update for exiv2 fixes the following issues : CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. bsc1050257 CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong in...
SUSE-SU-2018:3882-1 Security update for exiv2
This update for exiv2 fixes the following issues: - CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. bsc1050257 - CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong i...
Fedora Update for exiv2 FEDORA-2018-871fa4d189
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-17669
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack...
CVE-2017-17669
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack...
CVE-2017-17669
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack...
CVE-2017-17669
There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack...
CVE-2017-17669
CVE-2017-17669 : Exiv2 0.26 contains a heap-based buffer over-read in Exiv2::Internal::PngChunk::keyTXTChunk (pngchunk_int.cpp). A crafted PNG file can trigger a remote denial of service. Public advisories (Ubuntu USN-3852-1, Debian DLA-3265, Red Hat/Nessus entries) confirm Exiv2 0.26 as affected...