24 matches found
Astra Linux - уязвимость в exiv2
An invalid memory address dereferencing was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. This vulnerability causes a segmentation fault and results in the application crashing, leading to a denial of service...
SUSE CVE-2017-14864
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service...
SUSE CVE-2017-17725
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864,...
SUSE CVE-2019-17402
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp because there is no validation of the relationship of the total size to the offset and size.
...
EulerOS 2.0 SP3 : exiv2 (EulerOS-SA-2021-1782)
According to the versions of the exiv2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.CVE-2018-11531 - Exiv2 0.27.2 allows attackers to trigger a crash in...
CVE-2019-17402
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
DEBIAN-CVE-2019-17402
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
AZL-7204 CVE-2019-17402 affecting package exiv2 for versions less than 0.27.5-1
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
PYSEC-2019-247
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
CVE-2019-17402
Exiv2 0.27.2 has a vulnerability where Exiv2::getULong in types.cpp can crash when invoked from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp due to missing validation of total size against offset/size. The issue is triggered by CRW processing and results in a crash/denial of ...
CVE-2019-17402
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp, because there is no validation of the relationship of the total size to the offset and size...
PT-2019-5691 · Exiv2 +8 · Exiv2 +8
Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.27.2 Description: The issue is related to a lack of validation in the Exiv2 library, specifically in the crwimage int.cpp module, which can lead to a crash when the getULong function is called from CiffDirectory::readDirectory...
Invalid Memory Dereference
libexiv2.so is vulnerable to invalid memory dereference attacks. The vulnerability exists in Exiv2::getULong in types.cpp where parsing an image with invalid exif values would cause a denial of service DoS...
Exiv2 'Exiv2::getULong' function integer overflow vulnerability
Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. An integer overflow vulnerability exists in the...
CVE-2017-17725
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864,...
PYSEC-2018-124
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864,...
CVE-2017-17725
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864,...
CVE-2017-17725
CVE-2017-17725 : In Exiv2 0.26, an integer overflow in Exiv2::getULong (types.cpp) causes a heap-based buffer over-read. This can be leveraged remotely to trigger a denial of service via a crafted image file. The description indicates a DoS impact but does not provide exploit details beyond the o...
DEBIAN-CVE-2017-14864
An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service...