Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.

...

FreeImage Exif.cpp::jpeg_read_exif_dir function integer overflow vulnerability

FreeImage is a cross-platform open source library for supporting popular graphic image formats. An integer overflow vulnerability exists in FreeImage version 3.18.0, which stems from a failure of the component Exif.cpp::jpegreadexifdir to properly handle operations related to integers. An attacke...

CVE-2023-47996

An integer overflow vulnerability in Exif.cpp::jpegreadexifdir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service...

CVE-2023-47996

An integer overflow vulnerability in Exif.cpp::jpegreadexifdir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service...

Design/Logic Flaw

A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a denial-of-service...

CVE-2023-47993

A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a denial-of-service...

CVE-2023-47996

An integer overflow vulnerability in Exif.cpp::jpegreadexifdir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service...

CVE-2023-47996

An integer overflow vulnerability in Exif.cpp::jpegreadexifdir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service...

PT-2024-13533 · Freeimage +1 · Freeimage +1

Name of the Vulnerable Software and Affected Versions: FreeImage version 3.18.0 Description: A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 allows attackers to cause a denial-of-service. This issue is related to the ReadInt32 function in the Exif.cpp file. Recommendations: For...

CVE-2023-47993

FreeImage 3.18.0 is affected by a buffer out-of-bounds read in Exif.cpp::ReadInt32, enabling denial-of-service. The root cause is insufficient validation of user data in that component. Impact is limited to DoS as described; exploitation details are not provided in the documents beyond a PoC refe...

CVE-2023-47996

An integer overflow vulnerability in Exif.cpp::jpegreadexifdir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service...

CVE-2023-47996

CVE-2023-47996 is an integer overflow in FreeImage 3.18.0, specifically in Exif.cpp::jpeg_read_exif_dir. The vulnerability can allow attackers to obtain information and cause a denial of service. Affected component: FreeImage 3.18.0; root cause: improper handling in jpeg_read_exif_dir leading to ...

PT-2024-13536 · Freeimage +1 · Freeimage +1

Name of the Vulnerable Software and Affected Versions: FreeImage version 3.18.0 Description: An integer overflow vulnerability in Exif.cpp::jpeg read exif dir allows attackers to obtain information and cause a denial of service. Recommendations: For FreeImage version 3.18.0, consider disabling th...

Integer overflow

Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow...