An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
Max CVSS
6.5
EPSS Score
0.17%
Published
2019-06-30
Updated
2023-03-24
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction.
Max CVSS
6.5
EPSS Score
0.17%
Published
2019-06-30
Updated
2023-03-24
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted CRW image file.
Max CVSS
6.5
EPSS Score
0.51%
Published
2019-06-30
Updated
2023-02-02
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP image file.
Max CVSS
5.5
EPSS Score
0.12%
Published
2019-06-30
Updated
2023-03-03
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.
Max CVSS
6.5
EPSS Score
0.67%
Published
2019-06-30
Updated
2023-02-28
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.
Max CVSS
6.5
EPSS Score
0.27%
Published
2019-06-30
Updated
2023-02-28
http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.
Max CVSS
6.5
EPSS Score
0.84%
Published
2019-06-30
Updated
2023-01-13
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!