20 matches found
EUVD-2018-19445
Malware in sbrugna...
SUSE CVE-2017-18235
An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBPSupport.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service assertion failure and application exit via a crafted .webp file...
Scientific Linux Security Update : exempi on SL7.x x86_64 (20190806)
Security Fixes : - exempi: Infinite Loop in Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp CVE-2017-18233 - exempi: Use after free via a PDF file containing JPEG data CVE-2017-18234 - exempi: Infinite loop in ASFSupport::ReadHeaderObject function in...
Denial Of Service (DoS)
exempi is vulnerable to denial of service DoS. The vulnerability exists through a heap-based buffer overflow in PSDMetaHandler::CacheFileData function in XMPFiles/source/FormatSupport/PSIRFileWriter.cpp allows for denial of service via crafted XLS file...
An Update For Exempi Is Now Available For Red Hat Enterprise Linux 7. Red Hat Product Security Has Rated This Update As Having A Security Impact Of Low. A Common Vulnerability Scoring System (CVSS) Base Score, Which Gives A Det...(exceeded 255 Characters)
exempi is vulnerable to denial of service DoS. The vulnerability exists through an infinite loop in ASFSupport::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASFSupport.cpp...
EulerOS 2.0 SP3 : exempi (EulerOS-SA-2018-1173)
According to the version of the exempi package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service invalid memcpy with resultant use-after-free...
UBUNTU-CVE-2018-12648
The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBPSupport.hpp in Exempi 2.4.5 has a NULL pointer dereference...
[SECURITY] Fedora 28 Update: exempi-2.4.5-1.fc28
Exempi provides a library for easy parsing of XMP metadata. It is a port of Adobe XMP SDK to work on UNIX and to be build with GNU automake. It includes XMPCore and XMPFiles...
CVE-2017-18234
An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service invalid memcpy with resultant use-after-free or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp,...
Exempi Denial of Service Vulnerability (CNVD-2018-06684)
Exempi is an open source implementation of XMP based on the Adobe XMP SDK. A security vulnerability exists in the Chunk class of the XMPFiles/source/FormatSupport/RIFF.cpp file in versions of Exempi prior to 2.4.4. A remote attacker can exploit this vulnerability to cause a denial of service...
CVE-2017-18233
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service infinite loop via crafted XMP data in a .avi file...
CVE-2017-18235
An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBPSupport.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service assertion failure and application exit via a crafted .webp file...
DEBIAN-CVE-2017-18237
An issue was discovered in Exempi before 2.4.3. The PostScriptSupport::ConvertToDate function in XMPFiles/source/FormatSupport/PostScriptSupport.cpp allows remote attackers to cause a denial of service invalid pointer dereference and application crash via a crafted .ps file...
Design/Logic Flaw
An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service invalid memcpy with resultant use-after-free or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp,...
Code injection
An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBPSupport.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service assertion failure and application exit via a crafted .webp file...
Integer overflow
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service infinite loop via crafted XMP data in a .avi file...
CVE-2017-18233
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service infinite loop via crafted XMP data in a .avi file...
CVE-2018-7729
An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...
CVE-2018-7731
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBPSupport.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class...
CVE-2018-7729
An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScriptHandler.cpp...