6 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-36045
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XMP Toolkit SDK versions 2020.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker...
[SECURITY] [DLA 3585-1] exempi security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3585-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès September 25, 2023 https://wiki.debian.org/LTS -...
Updated exempi packages fix security vulnerability
XMP Toolkit SDK versions 2020.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Exempi vulnerabilities (USN-5483-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5483-1 advisory. It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a...
CVE-2021-36045
CVE-2021-36045 is an out-of-bounds read vulnerability in Exempi (XMP Toolkit SDK 2020.1 and earlier) that could disclose arbitrary memory and potentially bypass ASLR. Exploitation requires the user to open a malicious file. Public advisories (Debian, Mageia, Ubuntu) indicate fixes in newer exploi...
CVE-2021-36045 XMP Toolkit SDK Out-of-bounds Read Vulnerability In PostScriptSupport::ConvertToDate Could Lead To Information Exposure
XMP Toolkit SDK versions 2020.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...