8 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-16336
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted image fil...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Exiv2 vulnerabilities (USN-3852-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3852-1 advisory. It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2021-1782)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : exiv2 (EulerOS-SA-2021-1782)
According to the versions of the exiv2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.CVE-2018-11531 - Exiv2 0.27.2 allows attackers to trigger a crash in...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2277)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2710)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1551-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-16336
CVE-2018-16336 affects Exiv2 (v0.26) via Exiv2::Internal::PngChunk::parseTXTChunk. The vulnerability is a heap-based buffer over-read caused by processing crafted TXT chunks in PNG files, enabling a remote denial of service. Connected sources corroborate this issue within Exiv2’s PNG/text parsing...