CVE-2019-14369

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

Heap overflow

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

CVE-2019-14369

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

Design/Logic Flaw

In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp. It could result in denial of service...

PYSEC-2019-246

In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp. It could result in denial of service...

PYSEC-2019-244

Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata in rafimage.cpp...

CVE-2019-14368

Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata in rafimage.cpp...

CVE-2019-14368

Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata in rafimage.cpp...

CVE-2019-14368

Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata in rafimage.cpp...

CVE-2019-14369

CVE-2019-14369 : Exiv2 0.27.99.0’s PngImage::readMetadata() (pngimage.cpp) allows a crafted PNG image to trigger a heap-based buffer over-read, leading to a denial of service. Public documents corroborate this impact and indicate fixes in Exiv2 release 0.27.4 (and related patches in downstream di...

CVE-2019-14370

In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp. It could result in denial of service...

CVE-2019-14369

Exiv2::PngImage::readMetadata in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service heap-based buffer over-read via a crafted image file...

PT-2019-6325 · Exiv2 +1 · Exiv2 +1

Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.27.99.0 Description: The issue is related to an out-of-bounds read in the Exiv2::MrwImage::readMetadata function in mrwimage.cpp. This could result in a denial of service. The vulnerability can be exploited by a remote attacke...

CVE-2019-13504

There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2...

CVE-2019-13504

There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2...

Design/Logic Flaw

There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2...

CVE-2019-13504

Exiv2 CVE-2019-13504 is an out-of-bounds read in Exiv2::MrwImage::readMetadata (mrwimage.cpp) present in Exiv2 up to version 0.27.2. Connected sources indicate vulnerable Exiv2 readers handle MRW metadata and that the issue can affect installations using Exiv2 prior to fixes. Debian and Alpine ad...

CVE-2019-13504

There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2...

CVE-2019-13504

There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2...

Denial Of Service (DoS)

libexiv2.so is vulnerable to denial of service. The vulnerability exists due to an integer overflow in PngImage::readMetadata which mishandles a zero value for iccOffset allowing an attacker to crash the system via a SIGSEGV via a maliciously crafted PNG image file...