Debian Exiv2 vulnerabilities
125 known vulnerabilities affecting debian/exiv2.
Total CVEs: 125
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown
CRITICAL 1, HIGH 6, MEDIUM 33, LOW 85
Vulnerabilities
Page 6 of 7
CVE-2017-14861 | LOW | CVSS 5.5 | 2017
CVE-2017-14861 [MEDIUM] CVE-2017-14861: exiv2 - There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat ...
There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-14860 | LOW | CVSS 5.5 | 2017
CVE-2017-14860 [MEDIUM] CVE-2017-14860: exiv2 - There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata func...
There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-17725 | LOW | CVSS 5.5 | 2017
CVE-2017-17725 [MEDIUM] CVE-2017-17725: exiv2 - In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-...
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference.
Scope: local
bookworm: r
debian
CVE-2017-14859 | LOW | CVSS 5.5 | fixed in exiv2 0.27.2-6 (bookworm) | 2017
CVE-2017-14859 [MEDIUM] CVE-2017-14859: exiv2 - An Invalid memory address dereference was discovered in Exiv2::StringValueBase::...
An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Scope: local
bookworm: resolved (fixed in 0.27.2-6)
bullseye: resolved (fixed in 0.27.2-6)
forky: resolved (fixed in 0.27.2-6)
sid: resolved (fixed in 0
debian
CVE-2017-14866 | LOW | CVSS 5.5 | 2017
CVE-2017-14866 [MEDIUM] CVE-2017-14866: exiv2 - There is a heap-based buffer overflow in the Exiv2::s2Data function of types.cpp...
There is a heap-based buffer overflow in the Exiv2::s2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-12957 | LOW | CVSS 6.5 | 2017
CVE-2017-12957 [MEDIUM] CVE-2017-12957: exiv2 - There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is trigger...
There is a heap-based buffer over-read in libexiv2 in Exiv2 0.26 that is triggered in the Exiv2::Image::io function in image.cpp. It will lead to remote denial of service.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-11340 | LOW | CVSS 6.5 | 2017
CVE-2017-11340 [MEDIUM] CVE-2017-11340: exiv2 - There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0....
There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of service attack.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-1000126 | LOW | CVSS 5.5 | 2017
CVE-2017-1000126 [MEDIUM] CVE-2017-1000126: exiv2 - exiv2 0.26 contains a Stack out of bounds read in webp parser
exiv2 0.26 contains a Stack out of bounds read in webp parser
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-11338 | LOW | CVSS 6.5 | 2017
CVE-2017-11338 [MEDIUM] CVE-2017-11338: exiv2 - There is an infinite loop in the Exiv2::Image::printIFDStructure function of ima...
There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.26. A crafted input will lead to a remote denial of service attack.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-14857 | LOW | CVSS 5.5 | 2017
CVE-2017-14857 [MEDIUM] CVE-2017-14857: exiv2 - In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that lea...
In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. A crafted input will lead to a denial of service attack.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-14865 | LOW | CVSS 5.5 | 2017
CVE-2017-14865 [MEDIUM] CVE-2017-14865: exiv2 - There is a heap-based buffer overflow in the Exiv2::us2Data function of types.cp...
There is a heap-based buffer overflow in the Exiv2::us2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-1000127 | LOW | CVSS 5.5 | 2017
CVE-2017-1000127 [MEDIUM] CVE-2017-1000127: exiv2 - Exiv2 0.26 contains a heap buffer overflow in tiff parser
Exiv2 0.26 contains a heap buffer overflow in tiff parser
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-14858 | LOW | CVSS 5.5 | 2017
CVE-2017-14858 [MEDIUM] CVE-2017-14858: exiv2 - There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp...
There is a heap-based buffer overflow in the Exiv2::l2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-11553 | LOW | CVSS 7.5 | 2017
CVE-2017-11553 [HIGH] CVE-2017-11553: exiv2 - There is an illegal address access in the extend_alias_table function in localea...
There is an illegal address access in the extend_alias_table function in localealias.c of Exiv2 0.26. A crafted input will lead to remote denial of service.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-11683 | LOW | CVSS 6.5 | fixed in exiv2 0.27.2-6 (bookworm) | 2017
CVE-2017-11683 [MEDIUM] CVE-2017-11683: exiv2 - There is a reachable assertion in the Internal::TiffReader::visitDirectory funct...
There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input.
Scope: local
bookworm: resolved (fixed in 0.27.2-6)
bullseye: resolved (fixed in 0.27.2-6)
forky: resolved (fixed in 0.27.2-6)
sid: resolved (fixed in 0.27.2-6)
trixie: resolved (f
debian
CVE-2017-17723 | LOW | CVSS 8.1 | 2017
CVE-2017-17723 [HIGH] CVE-2017-17723: exiv2 - In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteS...
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-11336 | LOW | CVSS 6.5 | 2017
CVE-2017-11336 [MEDIUM] CVE-2017-11336: exiv2 - There is a heap-based buffer over-read in the Image::printIFDStructure function ...
There is a heap-based buffer over-read in the Image::printIFDStructure function in image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-14863 | LOW | CVSS 5.5 | 2017
CVE-2017-14863 [MEDIUM] CVE-2017-14863: exiv2 - A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in ...
A NULL pointer dereference was discovered in Exiv2::Image::printIFDStructure in image.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-11592 | LOW | CVSS 7.5 | 2017
CVE-2017-11592 [HIGH] CVE-2017-11592: exiv2 - There is a Mismatched Memory Management Routines vulnerability in the Exiv2::Fil...
There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via crafted input.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
debian
CVE-2017-18005 | LOW | CVSS 5.5 | fixed in exiv2 0.27.2-6 (bookworm) | 2017
CVE-2017-18005 [MEDIUM] CVE-2017-18005: exiv2 - Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong functi...
Exiv2 0.26 has a Null Pointer Dereference in the Exiv2::DataValue::toLong function in value.cpp, related to crafted metadata in a TIFF file.
Scope: local
bookworm: resolved (fixed in 0.27.2-6)
bullseye: resolved (fixed in 0.27.2-6)
forky: resolved (fixed in 0.27.2-6)
sid: resolved (fixed in 0.27.2-6)
trixie: resolved (fixed in 0.27.2-6)
debian