Vulnerabilities for 'Exiv2'

2019-10-09
 
CVE-2019-17402

CWE-120
 

 
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.

 
2019-08-12
 
CVE-2019-14982

CWE-190
 

 
In Exiv2 before v0.27.2, there is an integer overflow vulnerability in the WebPImage::getHeaderOffset function in webpimage.cpp. It can lead to a buffer overflow vulnerability and a crash.

 
2019-07-28
 
CVE-2019-14370

CWE-125
 

 
In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. It could result in denial of service.

 
 
CVE-2019-14369

CWE-119
 

 
Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file.

 
 
CVE-2019-14368

CWE-125
 

 
Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp.

 
2019-07-10
 
CVE-2019-13504

CWE-125
 

 
There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2.

 
2019-06-30
 
CVE-2019-13114

CWE-476
 

 
http.c in Exiv2 through 0.27.1 allows a malicious HTTP server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.

 
 
CVE-2019-13113

CWE-20
 

 
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.

 
 
CVE-2019-13112

CWE-400
 

 
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.

 
 
CVE-2019-13111

CWE-190
 

 
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP image file.

 


Copyright 2019, cxsecurity.com

 
