RSS   Vulnerabilities for 'Libexif'   RSS

2019-02-20
 
CVE-2018-20030

CWE-400
 

 
An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.

 
2018-10-31
 
CVE-2016-6328

CWE-190
 

 
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).

 
2017-09-21
 
CVE-2017-7544

CWE-125
 

 
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.

 


Copyright 2019, cxsecurity.com

 

Back to Top