EUVD-2018-19445

Malware in sbrugna...

SUSE CVE-2017-18235

An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBPSupport.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service assertion failure and application exit via a crafted .webp file...

Scientific Linux Security Update : exempi on SL7.x x86_64 (20190806)

Security Fixes : - exempi: Infinite Loop in Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp CVE-2017-18233 - exempi: Use after free via a PDF file containing JPEG data CVE-2017-18234 - exempi: Infinite loop in ASFSupport::ReadHeaderObject function in...

An Update For Exempi Is Now Available For Red Hat Enterprise Linux 7. Red Hat Product Security Has Rated This Update As Having A Security Impact Of Low. A Common Vulnerability Scoring System (CVSS) Base Score, Which Gives A Det...(exceeded 255 Characters)

exempi is vulnerable to denial of service DoS. The vulnerability exists through an infinite loop in ASFSupport::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASFSupport.cpp...

Denial Of Service (DoS)

exempi is vulnerable to denial of service DoS. The vulnerability exists through a heap-based buffer overflow in PSDMetaHandler::CacheFileData function in XMPFiles/source/FormatSupport/PSIRFileWriter.cpp allows for denial of service via crafted XLS file...

EulerOS 2.0 SP3 : exempi (EulerOS-SA-2018-1173)

According to the version of the exempi package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service invalid memcpy with resultant use-after-free...

UBUNTU-CVE-2018-12648

The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBPSupport.hpp in Exempi 2.4.5 has a NULL pointer dereference...

[SECURITY] Fedora 28 Update: exempi-2.4.5-1.fc28

Exempi provides a library for easy parsing of XMP metadata. It is a port of Adobe XMP SDK to work on UNIX and to be build with GNU automake. It includes XMPCore and XMPFiles...

CVE-2017-18234

An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service invalid memcpy with resultant use-after-free or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp,...

Exempi Denial of Service Vulnerability (CNVD-2018-06684)

Exempi is an open source implementation of XMP based on the Adobe XMP SDK. A security vulnerability exists in the Chunk class of the XMPFiles/source/FormatSupport/RIFF.cpp file in versions of Exempi prior to 2.4.4. A remote attacker can exploit this vulnerability to cause a denial of service...

Design/Logic Flaw

An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service invalid memcpy with resultant use-after-free or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp,...

CVE-2017-18235

An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBPSupport.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service assertion failure and application exit via a crafted .webp file...

CVE-2017-18233

An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service infinite loop via crafted XMP data in a .avi file...

Integer overflow

An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service infinite loop via crafted XMP data in a .avi file...

Code injection

An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBPSupport.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service assertion failure and application exit via a crafted .webp file...

DEBIAN-CVE-2017-18237

An issue was discovered in Exempi before 2.4.3. The PostScriptSupport::ConvertToDate function in XMPFiles/source/FormatSupport/PostScriptSupport.cpp allows remote attackers to cause a denial of service invalid pointer dereference and application crash via a crafted .ps file...

CVE-2017-18233

An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service infinite loop via crafted XMP data in a .avi file...

CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...

CVE-2018-7731

An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBPSupport.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class...

CVE-2018-7729

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...