Download
| Alert*
oval:org.secpod.oval:def:2000516
samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms where glibc is not used, possibly leading to a buffer overflow. oval:org.secpod.oval:def:114898 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:2000382 Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service via a crafted image file, a different vulnerability than CVE-2018-10999. oval:org.secpod.oval:def:2001140 There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. oval:org.secpod.oval:def:2000134 In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service caused by an integer overflow via a crafted PSD image file. oval:org.secpod.oval:def:1900114 In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp may suffer from a denial of service caused by an integer overflow via a crafted PSD image file. oval:org.secpod.oval:def:1900088 In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service via a crafted PNG file. oval:org.secpod.oval:def:1900137 In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service caused by an integer overflow via a crafted PSD image file. oval:org.secpod.oval:def:2000632 In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service via a crafted PNG file. oval:org.secpod.oval:def:2001562 In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp may suffer from a denial of service caused by an integer overflow via a crafted PSD image file. oval:org.secpod.oval:def:114535 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:114532 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:2000092 CiffDirectory::readDirectory at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service. oval:org.secpod.oval:def:53362 Several vulnerabilites have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed. oval:org.secpod.oval:def:114916 A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted values, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata ... oval:org.secpod.oval:def:704434 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:51188 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:51545 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:51080 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:704181 exiv2: EXIF/IPTC/XMP metadata manipulation tool Several security issues were fixed in Exiv2. oval:org.secpod.oval:def:603442 Several vulnerabilites have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed. |