RSS   Podatności dla 'Jhead'   RSS

2022-03-23
 
CVE-2021-28275

CWE-77
 

 
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a crafted_file.

 
 
CVE-2021-28276

NVD-CWE-noinfo
 

 
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 via a wild address read in the ProcessCanonMakerNoteDir function in makernote.c.

 
 
CVE-2021-28277

CWE-787
 

 
A Heap-based Buffer Overflow vulnerabilty exists in jhead 3.04 and 3.05 is affected by: Buffer Overflow via the RemoveUnknownSections function in jpgfile.c.

 
 
CVE-2021-28278

CWE-787
 

 
A Heap-based Buffer Overflow vulnerability exists in jhead 3.04 and 3.05 via the RemoveSectionType function in jpgfile.c.

 
2022-02-02
 
CVE-2020-26208

CWE-787
 

 
JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting in a program crash or potentially incorrect exif information retrieval. Users are advised to upgrade. There is no known workaround for this issue.

 
2021-04-22
 
CVE-2021-3496

CWE-787
 

 
A heap-based buffer overflow was found in jhead in version 3.06 in Get16u() in exif.c when processing a crafted file.

 
2020-01-09
 
CVE-2020-6625

CWE-125
 

 
jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c.

 
 
CVE-2020-6624

CWE-125
 

 
jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c.

 
2019-11-17
 
CVE-2019-19035

CWE-125
 

 
jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file.

 
2019-07-15
 
CVE-2019-1010302

CWE-284
 

 
jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file.

 


Copyright 2024, cxsecurity.com

 

Back to Top