7 matches found
CVE-2017-18233
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service infinite loop via crafted XMP data in a .avi file...
CVE-2017-18233
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service infinite loop via crafted XMP data in a .avi file...
CVE-2017-18238
CVE-2017-18238 affects Exempi (before 2.4.4). The issue lies in TradQT_Manager::ParseCachedBoxes in XMPFiles/source/FormatSupport/QuickTime_Support.cpp, which allows remote attackers to trigger a denial of service (infinite loop) via crafted XMP data in a .qt file. This vulnerability is documente...
CVE-2017-18236
An issue was discovered in Exempi before 2.4.4. The ASFSupport::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASFSupport.cpp allows remote attackers to cause a denial of service infinite loop via a crafted .asf file...
CVE-2018-7728
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFFHandler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update function in third-party/zuid/interfaces/MD5.cpp...
CVE-2018-7731
CVE-2018-7731 affects Exempi up to v2.4.4. The issue is in WEBP_Support.cpp (WEBP_Support) where WEBP::VP8XChunk does not check for a NULL bitstream, causing a NULL pointer dereference. Connected sources corroborate Exempi-related CVEs and indicate fixes in newer packages (e.g., exempi 2.4.5 in F...
CVE-2018-7730
An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIRFileWriter.cpp, leading to a heap-based buffer over-read in the PSDMetaHandler::CacheFileData function...