165 matches found
CVE-2020-13114
CVE-2020-13114 affects libexif up to version 0.6.21, where an unrestricted size in handling Canon EXIF MakerNote data can cause excessive compute time during EXIF decoding (DoS). Affected component: libexif (exif-data.c/maker-note handling). Impact described across multiple advisories: potential ...
CVE-2020-13114
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...
CVE-2020-13114
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...
CVE-2020-13114
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...
libexif code issue vulnerability
libexif is a library of functions written in the C language. It is mainly used to read and write EXIF meta-information from graphics files. A code issue vulnerability exists in versions prior to libexif 0.6.22 that stems from the use of uninitialized memory during EXIF Makernote processing. An...
Libexif Buffer Overflow Vulnerability
libexif is a library of functions written in the C language. It is mainly used to read and write EXIF meta-information from graphics files. A buffer overflow vulnerability exists in the processing of EXIF MakerNote in versions prior to libexif 0.6.22. An attacker could exploit this vulnerability ...
libexif Resource Management Error Vulnerability
libexif is a library of functions written in the C language. It is mainly used to read and write EXIF meta-information from graphics files. A security vulnerability exists in versions prior to libexif 0.6.22, which stems from the program failing to limit the size value when processing Canon EXIF...
LibRaw: stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp
There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...
php: Uninitialized read in exif_process_IFD_in_MAKERNOTE
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exifprocessIFDinMAKERNOTE because of mishandling the datalen variable...
The vulnerability of the parse_makernote function in the LibRaw image processing library allows a hacker to trigger a service failure.
The vulnerability of the parsemakernote function in the LibRaw image processing library is related to buffer overflow in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
PHP Uninitialized Read Vulnerability (CNVD-2019-24791)
PHP is a general-purpose open source scripting language. The syntax absorbs the characteristics of the C language , Java and Perl , easy to learn , widely used , mainly in the field of Web development . An uninitialized read vulnerability exists in exifprocessIFDinMAKERNOTE in the EXIF component ...
PHP Uninitialized Read Vulnerability (CNVD-2019-24792)
PHP is a general-purpose open source scripting language. The syntax absorbs the characteristics of the C language , Java and Perl , easy to learn , widely used , mainly in the field of Web development . An uninitialized read vulnerability exists in exifprocessIFDinMAKERNOTE in the EXIF component ...
LibRaw stack buffer overflow vulnerability (CNVD-2018-26473)
LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A stack-based buffer overflow vulnerability exists in the 'parsemakernote' function of the dcrawcommon.cpp file in LibRaw version 0.19.1. An attacker can exploit this...
DEBIAN-CVE-2018-20337
There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...
UBUNTU-CVE-2018-20337
There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...
ALPINE-CVE-2018-14851
exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...
CVE-2018-14851
exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...
UBUNTU-CVE-2018-14851
exifprocessIFDinMAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG file...
CVE-2018-10549
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exifreaddata in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exifiifaddvalue mishandles the case of a MakerNote that lacks a final '\0' character...
CVE-2018-10549
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exifreaddata in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exifiifaddvalue mishandles the case of a MakerNote that lacks a final '\0' character...