73 matches found
EUVD-2017-0042
Malware in sbrugna...
EUVD-2017-0043
Malware in sbrugna...
Heap Buffer Overflow
libexiv2.so is vulnerable to a Heap Buffer Overflow. The vulnerability is due to a heap buffer overflow triggered when writing metadata into a crafted image file, allows an attacker could exploit this to achieve code execution if a victim processes a malicious image with Exiv2...
libexiv2 0.28.x < 0.28.3 (GHSA-38rv-8x93-pvrh)
The version of libexiv2 installed on the remote host is prior to 0.28.3. It is, therefore, affected by a vulnerability as referenced in the GHSA-38rv-8x93-pvrh advisory. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An...
libexiv2 Installed (Linux / Unix)
Binary data libexiv2nixinstalled.nbin...
Out Of Bounds Read
libexiv2.so is vulnerable to45462 . The vulnerability is due to a flaw in the QuickTimeVideo::NikonTagsDecoder function when reading the metadata of a video. The vulnerability allows an attacker to trigger an out-of-bounds read by manipulating a video file...
Out-of-bounds Write
libexiv2.so is vulnerable to Out-of-bounds Write. The vulnerability exists because of an integer overflow in the brotliUncompress function within bmffimage.cpp. This flaw enables an attacker to manipulate and potentially read, write, delete, or modify image metadata such as Exif, IPTC, XMP, and I...
Denial Of Service (DoS)
libexiv2.so is vulnerable to Denial Of Service DoS. The vulnerability exists in the PngImage::printStructure function at pngimage.cpp due to a buffer overflow which allows an attacker to cause an application crash...
Denial Of Service (DoS)
libexiv2.so is vulnerable to denial of service. The vulnerability exists Databuf function of rafimage.cpp due to a null pointer dereference which allows an attacker to crash the application via malicious input...
Denial Of Service (DoS)
libexiv2.so is vulnerable to denial of service.The vulnerability exists in QuickTimeVideo::multipleEntriesDecoder function of quicktimevideo.cpp due to an infinite loop in the Quicktime Video Handler which allows an attacker to crash the application via malicious input...
Heap-based Buffer Overflow
libexiv2.so is vulnerable to heap based buffer overflow. The vulnerability is due to multiple out-of-bounds writes in Image::printIFDStructure , which allows an attacker to crash the application...
Denial Of Service (DoS)
libexiv2.so is vulnerable to denial of service. The vulnerability exists due to the stack out of bound read in webpimage.cpp, allowing an attacker to cause an application crash by providing a large parameter size and file size to the WebP parser...
Heap-based Buffer Overflow
libexiv2.so is vulnerable to heap-based buffer overflows. The vulnerability exists in the decodeBlock function of quicktimevideo.cpp due to improper handling of buffer size which allows an attacker to cause overflows resulting in an application crash...
Buffer Overflow
libexiv2.so is vulnerable to buffer overflow. The vulnerability exists in the QuickTimeVideo::userDataDecoder function in quicktimevideo.cpp where the resulting value will always be larger than the original value allowing an attacker to cause an application crash through an integer overflow by...
Buffer Overflow
libexiv2.so is vulnerable to buffer overflow. The vulnerability exists when datasize is less than headersize in the WebPImage::getHeaderOffset function of webpimage.cpp, allowing an attacker to cause an application crash through the integer overflow by providing a malicious input...
Denial Of Service (DoS)
libexiv2.so is vulnerable to denial of service. The vulnerability exists due to a segmentation fault in the Image::printIFDStructure function in image.cpp which allows an attacker to crash the application via malicious tiff file...
Heap-based Buffer Overflow
libexiv2.so is vulnerable to heap-based buffer overflows. The vulnerability exists due to a null pointer dereference in quicktimevideo.cpp which allows an attacker to cause buffer overflows resulting in an application crash...
Heap-based Buffer Overflow
libexiv2.so is vulnerable to heap based buffer overflow. The vulnerability is due to the userDataDecoder function in quicktimevideo.cpp, where an attacker can remotely cause a buffer overflow...
Denial Of Service (DoS)
libexiv2.so is vulnerable to denial of service. A heap-based buffer overflow in Exiv2::Internal::CrwMap::encode allows an attacker to cause an application crash...
Denial Of Service (DoS)
libexiv2.so is vulnerable to denial of service DoS attacks. When an attacker sends a malicious CRW image,the function Exiv2::Internal::CiffDirectory::readDirectory in crwimageint.cpp fails to check the offset and size against the total size, causing a trigger for an application crash via...