[SECURITY] Fedora 43 Update: exiv2-0.28.6-2.fc43

A command line utility to access image metadata, allowing one to: print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag print the Iptc metadata of Jpeg images print the Jpeg comment of Jpeg images set, add and delete Exif and Iptc metadata of...

Linux Distros Unpatched Vulnerability : CVE-2005-0406

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of...

USN-6200-1 imagemagick vulnerabilities

It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. CVE-2020-29599 It was...

SUSE CVE-2009-3607

Integer overflow in the createsurfacefromthumbnaildata function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of the...

SUSE CVE-2014-3670

The exififdmakevalue function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly execut...

Internet Bug Bounty: Uninitialized Thumbail Data Leads To Memory Leakage in exif_process_IFD_in_TIFF

I found other code chunk that leads to memory leakage. exifprocessIFDinTIFFImageInfo, entryoffset, subsectionindex; if sectionindex!=SECTIONTHUMBNAIL && entrytag==TAGSUBIFD if ImageInfo-Thumbnail.filetype != IMAGEFILETYPEUNKNOWN && ImageInfo-Thumbnail.size && ImageInfo-Thumbnail.offset &&...

MediaWiki Information Disclosure Vulnerability (CNVD-2015-07531)

MediaWiki is a famous wiki program that runs on PHP+MySQL environment. MediaWiki suffers from an information disclosure vulnerability. A remote attacker can exploit this vulnerability to learn the installation path by reading PNG thumbnail data...

Memory corruption

The exififdmakevalue function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly execut...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. Integer overflow in the createsurfacefromthumbnaildata function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via ...