Lucene search
+L

84 matches found

OSV
OSV
added 2018/11/26 8:29 p.m.10 views

UBUNTU-CVE-2018-19567

A floating point exception in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...

5.5CVSS6.5AI score0.00925EPSS
Exploits0References4
CNVD
CNVD
added 2018/11/06 12:0 a.m.4 views

Exiv2 Infinite Loop Vulnerability

Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. An infinite loop vulnerability in the Exiv2::Image::printIFDStructure function in image.cpp in Exiv2 0.27-RC1 can be exploited by an attacker to cause a denial of service via specially crafted input...

6.5CVSS7.2AI score0.01844EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/18 12:0 a.m.7 views

Exiv2 Denial of Service Vulnerability (CNVD-2018-03262)

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. A security vulnerability exists in the...

5.5CVSS6.9AI score0.01865EPSS
Exploits1References1
PyPA
PyPA
added 2017/07/17 1:18 p.m.6 views

PYSEC-2017-118

There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...

6.5CVSS7AI score0.01424EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/07/17 12:0 a.m.27 views

Exiv2 'Image::printIFDStructure' heap buffer overflow vulnerability

Exiv2 is a cross-platform C++ library and command line utility for managing image metadata. The Image::printIFDStructure function in Exiv2's image.cpp suffers from a heap buffer overflow that allows an attacker to conduct a remote denial-of-service attack with specially designed inputs...

6.5CVSS7.5AI score0.01149EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/27 12:0 a.m.8 views

exiv2 'Image::printIFDStructure' Denial of Service Vulnerability

Exiv2 is a suite of C++ libraries and command line applications for managing image metadata, providing fast and easy reading and writing of image metadata in a wide range of EXIF, IPTC and XMP formats. The Image::printIFDStructure security vulnerability in Exiv2 version 0.26. A remote attacker ca...

7.5CVSS6.9AI score0.02808EPSS
Exploits1References1
PyPA
PyPA
added 2017/06/26 11:29 p.m.7 views

PYSEC-2017-142

There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. A crafted input will lead to a remote denial of service attack...

7.5CVSS7AI score0.02808EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2017/05/26 10:29 a.m.7 views

PYSEC-2017-112

An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue to 0x0, and the value of pValue is 0x0. TiffImageEntry::doWriteImage will use the value of pValue to cause a segmentation fault. To exploit this vulnerability, someone must...

6.5CVSS6.8AI score0.02645EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2017/05/26 10:29 a.m.27 views

PYSEC-2017-112

An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue to 0x0, and the value of pValue is 0x0. TiffImageEntry::doWriteImage will use the value of pValue to cause a segmentation fault. To exploit this vulnerability, someone must...

6.5CVSS6.2AI score0.02645EPSS
Exploits0References5
OSV
OSV
added 2017/05/26 10:29 a.m.2 views

DEBIAN-CVE-2017-9239

An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue to 0x0, and the value of pValue is 0x0. TiffImageEntry::doWriteImage will use the value of pValue to cause a segmentation fault. To exploit this vulnerability, someone must...

6.5CVSS7.5AI score0.02645EPSS
Exploits0References1
OSV
OSV
added 2017/05/26 12:0 a.m.6 views

UBUNTU-CVE-2017-9239

An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue to 0x0, and the value of pValue is 0x0. TiffImageEntry::doWriteImage will use the value of pValue to cause a segmentation fault. To exploit this vulnerability, someone must...

6.5CVSS6.7AI score0.02645EPSS
Exploits0References4
OSV
OSV
added 2017/05/16 4:29 p.m.5 views

DEBIAN-CVE-2017-6887

A boundary error within the "parsetiffifd" function internal/dcrawcommon.cpp in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs...

7.8CVSS7.4AI score0.01561EPSS
Exploits0References1
OSV
OSV
added 2017/05/16 12:0 a.m.9 views

UBUNTU-CVE-2017-6886

An error within the "parsetiffifd" function internal/dcrawcommon.cpp in LibRaw versions before 0.18.2 can be exploited to corrupt memory...

9.8CVSS6.9AI score0.03362EPSS
Exploits0References5
OSV
OSV
added 2017/05/16 12:0 a.m.6 views

UBUNTU-CVE-2017-6887

A boundary error within the "parsetiffifd" function internal/dcrawcommon.cpp in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs...

7.8CVSS6.9AI score0.01561EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2016/06/10 12:0 a.m.8 views

The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.

The vulnerability of the exifprocessIFDTag function ext/exif/exif.c in the PHP interpreter exists due to incorrect checking of arguments for the spprintf function. Exploiting this vulnerability can allow a malicious actor to trigger a service failure memory overflow or potentially cause other...

7.5CVSS7.5AI score0.06063EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2016/05/22 1:59 a.m.32 views

Out-of-bounds

The exifprocessIFDinJPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via crafted header data...

7.5CVSS8AI score0.12179EPSS
Exploits1References15Affected Software4
OSV
OSV
added 2016/05/06 12:0 a.m.5 views

UBUNTU-CVE-2016-4543

The exifprocessIFDinJPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via crafted header data...

9.8CVSS7.2AI score0.12179EPSS
Exploits1References4
Hacker One
Hacker One
added 2015/08/28 12:0 a.m.22 views

Internet Bug Bounty: Buffer over-read in exif_read_data with TIFF IFD tag

https://bugs.php.net/bug.php?id=70385...

6.9AI score
Exploits0
OSV
OSV
added 2014/10/29 12:0 a.m.5 views

UBUNTU-CVE-2014-3670

The exififdmakevalue function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly execut...

6.8CVSS7.7AI score0.22633EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2013/09/18 12:0 a.m.26 views

Debian Security Advisory DSA 2427-1 (imagemagick - several vulnerabilities)

Two security vulnerabilities related to EXIF processing were discovered in ImageMagick, a suite of programs to manipulate images. CVE-2012-0247When parsing a maliciously crafted image with incorrect offset and count in the ResolutionUnit tag in EXIF IFD0, ImageMagick writes two bytes to an invali...

9.3CVSS0.3AI score0.03816EPSS
Exploits0References1
Rows per page
Query Builder