RSS   Vulnerabilities for 'Exiftool'   RSS

2022-01-25
 
CVE-2022-23935

NVD-CWE-noinfo
 

 
lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check.

 
2019-01-02
 
CVE-2018-20211

CWE-427
 

 
ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010 (9.x was released starting in 2012, and 10.x was released starting in 2015).

 


Copyright 2024, cxsecurity.com

 

Back to Top