Astra Linux - уязвимость в exiv2

There is a heap-based buffer overflow issue in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file can lead to a remote denial-of-service attack...

Exiv2 pngchunk_int.cpp file heap buffer overflow vulnerability

Exiv2 is a set of C++ libraries and command line applications for managing image metadata by software developer Andreas Huggel, which provides fast and easy reading and writing of image metadata in a variety of EXIF, IPTC and XMP formats. A heap buffer overflow vulnerability exists in the...

PYSEC-2017-140

There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack...

DEBIAN-CVE-2017-17669

There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack...

UBUNTU-CVE-2017-17669

There is a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunkint.cpp in Exiv2 0.26. A crafted PNG file will lead to a remote denial of service attack...

PT-2017-4090 · Exiv2 +4 · Exiv2 +4

Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.26 Description: The issue is related to a heap-based buffer over-read in the Exiv2::Internal::PngChunk::keyTXTChunk function of pngchunk int.cpp. This can be exploited by a crafted PNG file, potentially leading to a remote...