3 matches found
Updated exif packages fix a security vulnerability
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service DoS by uploading a malicious JPEG file, causing the application to crash. CVE-2021-27815...
openSUSE Security Update : jhead (openSUSE-2018-1044)
This update for jhead fixes the following security issues : - CVE-2016-3822: jhead remote attackers to execute arbitrary code or cause a denial of service out-of-bounds access via crafted EXIF data bsc1108480. - CVE-2018-16554: The ProcessGpsInfo function may have allowed a remote attacker to cau...
Format string
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAGGPSALT handling...