Show filters
23 Total Results
Displaying 11-20 of 23
Sort by:
Attacker Value
Unknown

CVE-2019-17402

Disclosure Date: October 09, 2019 (last updated November 27, 2024)
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-14369

Disclosure Date: July 28, 2019 (last updated November 27, 2024)
Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-14368

Disclosure Date: July 28, 2019 (last updated November 27, 2024)
Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp.
0
0
Attacker Value
Unknown

CVE-2019-14370

Disclosure Date: July 28, 2019 (last updated November 27, 2024)
In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-9143

Disclosure Date: February 25, 2019 (last updated November 27, 2024)
An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
0
0
Attacker Value
Unknown

CVE-2019-9144

Disclosure Date: February 25, 2019 (last updated November 27, 2024)
An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
0
0
Attacker Value
Unknown

CVE-2018-20097

Disclosure Date: December 12, 2018 (last updated November 08, 2023)
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2018-20096

Disclosure Date: December 12, 2018 (last updated November 08, 2023)
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
0
0
Attacker Value
Unknown

CVE-2018-20098

Disclosure Date: December 12, 2018 (last updated November 08, 2023)
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
0
0
Attacker Value
Unknown

CVE-2018-20099

Disclosure Date: December 12, 2018 (last updated November 08, 2023)
There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
0
0
View More Topics  < Previous  Next >