rpm package
suse/exempi&distro=SUSE Linux Enterprise Software Development Kit 12 SP3
pkg:rpm/suse/exempi&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-18238 | — | < 2.2.1-5.7.1 | 2.2.1-5.7.1 | Mar 15, 2018 | An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file. | ||
| CVE-2017-18236 | — | < 2.2.1-5.7.1 | 2.2.1-5.7.1 | Mar 15, 2018 | An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file. | ||
| CVE-2017-18234 | — | < 2.2.1-5.7.1 | 2.2.1-5.7.1 | Mar 15, 2018 | An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/Reconcil | ||
| CVE-2017-18233 | — | < 2.2.1-5.7.1 | 2.2.1-5.7.1 | Mar 15, 2018 | An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file. | ||
| CVE-2018-7730 | — | < 2.2.1-5.7.1 | 2.2.1-5.7.1 | Mar 6, 2018 | An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function. | ||
| CVE-2018-7728 | — | < 2.2.1-5.7.1 | 2.2.1-5.7.1 | Mar 6, 2018 | An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp. |
- CVE-2017-18238Mar 15, 2018affected < 2.2.1-5.7.1fixed 2.2.1-5.7.1
An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.
- CVE-2017-18236Mar 15, 2018affected < 2.2.1-5.7.1fixed 2.2.1-5.7.1
An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file.
- CVE-2017-18234Mar 15, 2018affected < 2.2.1-5.7.1fixed 2.2.1-5.7.1
An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/Reconcil
- CVE-2017-18233Mar 15, 2018affected < 2.2.1-5.7.1fixed 2.2.1-5.7.1
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.
- CVE-2018-7730Mar 6, 2018affected < 2.2.1-5.7.1fixed 2.2.1-5.7.1
An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.
- CVE-2018-7728Mar 6, 2018affected < 2.2.1-5.7.1fixed 2.2.1-5.7.1
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp.