Matthias Wandel

4 exploits Active since Oct 2022
CVE-2022-41751 WRITEUP HIGH WRITEUP
jhead 3.06.0.1 - OS Command Injection via JPEG Filename with -rgt50 Option
Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option.
CVSS 7.8
CVE-2020-28840 WRITEUP HIGH WRITEUP
jhead < 3.04 - Buffer Overflow in jpgfile.c
Buffer Overflow vulnerability in jpgfile.c in Matthias-Wandel jhead version 3.04, allows local attackers to execute arbitrary code and cause a denial of service (DoS).
CVSS 7.8
CVE-2022-41751 WRITEUP HIGH WORKING POC
jhead 3.06.0.1 - OS Command Injection via JPEG Filename with -rgt50 Option
Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option.
CVSS 7.8
CVE-2024-2824 WRITEUP MEDIUM WORKING POC
Matthias-Wandel jhead 3.08 - Buffer Overflow
A vulnerability was found in Matthias-Wandel jhead 3.08 and classified as critical. This issue affects the function PrintFormatNumber of the file exif.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257711.
CVSS 6.3