25 matches found
Denial Of Service (DoS)
libexiv2.so is vulnerable to denial of service. The vulnerability exists due to a segmentation fault in the Image::printIFDStructure function in image.cpp which allows an attacker to crash the application via malicious tiff file...
CVE-2018-18915
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack...
Input validation
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack...
Denial Of Service (DoS) Through Heap Buffer Overflow
libexiv2.so is vulnerable to denial of service DoS through heap-based buffer overflow attacks. The vulnerability exists in basicio.cpp which causes an out-of-bounds write in Exiv2::Image::printIFDStructure and leads to a DoS attack, and possibly other attacks...
CVE-2017-14863
A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service...
Null pointer dereference
A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service...
CVE-2017-12955
There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure, which may lead to remote denial of service or possibly unspecified other impact...
CVE-2017-11336
There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...
CVE-2017-11339
There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...
CVE-2017-11339
There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...
CVE-2017-11336
There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...
CVE-2017-11336
There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...
Heap overflow
There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...
CVE-2017-11336
There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...
Heap overflow
There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...
PYSEC-2017-121
There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...
CVE-2017-11338
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack...
CVE-2017-11336
There is a confirmed vulnerability in Exiv2 0.26: a heap-based buffer over-read in Image::printIFDStructure (image.cpp) can be triggered by crafted input, leading to remote denial of service. The CVE-2017-11336 entry is supported by multiple sources in the connected set, which describe the affect...
CVE-2017-11339
There is a heap-based buffer overflow in the Image::printIFDStructure function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...
CVE-2017-11339
CVE-2017-11339 : Exiv2 0.26 contains a heap-based buffer overflow in the Image::printIFDStructure function (image.cpp) triggered by crafted input, leading to remote denial of service. Multiple open advisories (e.g., openSUSE/SUSE updates) fix this by upgrading to Exiv2 0.26 or applying patches. T...