
23 matches found

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2009-3866

Malware in sbrugna...

CVSS 6.8 · AI score 6.1 · EPSS 0.05239
Exploits 0 · References 12
Veracode
added 2023/08/23 1:16 p.m. · 13 views

Sensitive Data Exposure

answerdev/answer is vulnerable to Sensitive Data Exposure. The vulnerability is due to not sanitizing the EXIF (Exchangeable Image File Format) image while uploading the image in the profile or comment section. This can lead to an attacker extracting EXIF metadata containing geolocation and many other image...

CVSS 7.7 · AI score 6.8 · EPSS 0.00193
Exploits 1 · References 2 · Affected Software 1
Veracode
added 2020/04/10 12:22 a.m. · 26 views

Arbitrary Code Execution

libexif is vulnerable to arbitrary code execution. An integer overflow flaw was found in the way libexif parses Exif image tags. If a victim opens a carefully crafted Exif image file, it could cause the application linked against libexif to execute arbitrary code, or crash...

CVSS 6.8 · AI score 6.2 · EPSS 0.03354
Exploits 0 · References 36 · Affected Software 1
Veracode
added 2020/04/10 12:22 a.m. · 23 views

Denial Of Service (DoS)

libexif is vulnerable to denial of service. An infinite recursion flaw was found in the way libexif parses Exif image tags. If a victim opens a carefully crafted Exif image file, it could cause the application linked against libexif to crash...

CVSS 4.3 · AI score 3.4 · EPSS 0.0445
Exploits 0 · References 31 · Affected Software 1
Debian
added 2019/05/25 10:53 a.m. · 290 views

[SECURITY] [DLA 1803-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u3 CVE ID : CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 A read past allocated buffer vulnerability and two heap-buffer overflow vulnerabilities were discovered in the PHP5 programming language within the Exif image module. For Debian 8 "Jessie", these...

CVSS 9.1 · AI score 8.5 · EPSS 0.02968
Exploits 1
CNVD
added 2017/09/30 12:0 a.m. · 2 views

OpenExif Denial of Service Vulnerability

OpenExif is an object-oriented library for accessing JPEG image files in Exif format. A denial of service vulnerability exists in ExifImageFile::readDQT in ExifImageFileRead.cpp in OpenExif, which could allow a remote attacker to cause a denial of service stack buffer over-reading and application...

CVSS 5.5 · AI score 5.5 · EPSS 0.00248
Exploits 0 · References 1
OSV
added 2017/07/31 1:29 p.m. · 2 views

CVE-2017-11118

The ExifImageFile::readImage function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted jpg file...

CVSS 5.5 · AI score 5.8
Exploits 0 · References 2
UbuntuCve
added 2009/11/20 6:30 p.m. · 20 views

CVE-2009-3895

Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party...

CVSS 6.8 · AI score 6.3 · EPSS 0.05239
Exploits 0 · References 2
Prion
added 2009/11/20 6:30 p.m. · 14 views

Heap overflow

Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party...

CVSS 6.8 · AI score 8.8 · EPSS 0.05239
Exploits 0 · References 10 · Affected Software 1
NVD
added 2009/11/20 6:30 p.m. · 16 views

CVE-2009-3895

Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party...

CVSS 6.8 · AI score 8.3 · EPSS 0.05239
Exploits 0 · References 10
OSV
added 2009/11/20 6:30 p.m. · 18 views

CVE-2009-3895

Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party...

AI score 8.2
Exploits 0 · References 10
Cvelist
added 2009/11/20 6:0 p.m. · 14 views

CVE-2009-3895

Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party...

AI score 8.2 · EPSS 0.05239
Exploits 0 · References 10
AlpineLinux
added 2009/11/20 6:0 p.m. · 38 views

CVE-2009-3895

Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party...

CVSS 6.8 · AI score 8.3 · EPSS 0.05239
Exploits 0
Debian CVE
added 2009/11/20 6:0 p.m. · 21 views

CVE-2009-3895

Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party...

CVSS 6.8 · AI score 8.2 · EPSS 0.05239
Exploits 0
Positive Technologies
added 2009/11/20 12:0 a.m. · 2 views

PT-2009-6117 · None · Libexif

Name of the Vulnerable Software and Affected Versions: libexif version 0.6.18 Description: The issue is related to a heap-based buffer overflow in the exif entry fix function, which can be triggered by an invalid EXIF image. This could lead to a denial of service or potentially allow the executio...

CVSS 6.8 · AI score 6.9 · EPSS 0.05239
Exploits 0 · References 14
Tenable Nessus
added 2008/03/31 12:0 a.m. · 26 views

Debian DSA-1533-2 : exiftags - insufficient input sanitizing

Christian Schmid and Meder Kydyraliev (Google Security) discovered a number of vulnerabilities in exiftags, a utility for extracting EXIF metadata from JPEG images. The Common Vulnerabilities and Exposures project identified the following three problems : - CVE-2007-6354 Inadequate EXIF property...

CVSS 10 · AI score 5.8 · EPSS 0.01151
Exploits 0 · References 8
RedHat Linux
added 2007/06/14 6:16 p.m. · 26 views

Moderate: Red Hat Security Advisory: libexif integer overflow

Updated libexif packages that fix an integer overflow flaw are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The libexif package contains the EXIF library. Applications use this library to...

CVSS 6.8 · AI score 6.1 · EPSS 0.07543
Exploits 0 · References 2
Tenable Nessus
added 2006/07/03 12:0 a.m. · 43 views

CentOS 3 / 4 : php (CESA-2005:831)

Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

CVSS 7.5 · AI score 7.4 · EPSS 0.65188
Exploits 1 · References 10
Tenable Nessus
added 2006/01/15 12:0 a.m. · 41 views

Mandrake Linux Security Advisory : php (MDKSA-2005:213)

"A number of vulnerabilities were discovered in PHP : An issue with fopen_wrappers.c would not properly restrict access to other directories when the open_basedir directive included a trailing slash (CVE-2005-3054) %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

CVSS 7.5 · AI score 7.4 · EPSS 0.65188
Exploits 1 · References 12
Tenable Nessus
added 2005/11/15 12:0 a.m. · 228 views

RHEL 3 / 4 : php (RHSA-2005:831)

Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

CVSS 7.5 · AI score 7.4 · EPSS 0.65188
Exploits 1 · References 9