CVE-2018-7728
Description
Exempi through 2.4.4 has a heap buffer over-read in MD5Update() via a zero-length TIFF file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Exempi through 2.4.4 has a heap buffer over-read in MD5Update() via a zero-length TIFF file.
Vulnerability
Exempi versions up to and including 2.4.4 are affected. The issue lies in XMPFiles/source/FileHandlers/TIFF_Handler.cpp, which mishandles a case of a zero-length TIFF file, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp.
Exploitation
An attacker can trigger the vulnerability by providing a specially crafted TIFF file with zero length. No special privileges or network position beyond being able to supply the file to Exempi are required; user interaction is needed to open the malicious file.
Impact
Successful exploitation results in a heap-based buffer over-read, which can lead to information disclosure or potentially a denial of service due to memory access violation.
Mitigation
As of the publication date, no fix has been released. Users should monitor for updates from the Exempi project. The Fedora package announcement [1] may contain further details, but the reference is currently inaccessible.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
6- osv-coords5 versionspkg:rpm/opensuse/exempi&distro=openSUSE%20Tumbleweedpkg:rpm/suse/exempi&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/exempi&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/exempi&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/exempi&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 2.5.2-1.3+ 4 more
- (no CPE)range: < 2.5.2-1.3
- (no CPE)range: < 2.2.1-5.7.1
- (no CPE)range: < 2.2.1-5.7.1
- (no CPE)range: < 2.2.1-5.7.1
- (no CPE)range: < 2.2.1-5.7.1
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCFXKOOATZ2B5G3G7EBXZWVZHEABN4ZV/mitrevendor-advisoryx_refsource_FEDORA
- usn.ubuntu.com/3668-1/mitrevendor-advisoryx_refsource_UBUNTU
- bugs.freedesktop.org/show_bug.cgimitrex_refsource_MISC
- cgit.freedesktop.org/exempi/commit/mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2018/03/msg00013.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.