xiaoqx

4 exploits Active since Feb 2018
CVE-2017-17724 WRITEUP MEDIUM WRITEUP
Exiv2 - Out-of-Bounds Read
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file.
CVSS 6.5
CVE-2018-9303 WRITEUP MEDIUM WRITEUP
Exiv2 < 0.26 - Reachable Assertion
In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort.
CVSS 6.5
CVE-2018-9304 WRITEUP MEDIUM WRITEUP
Exiv2 < 0.26 - Divide By Zero
In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service.
CVSS 6.5
CVE-2018-9305 WRITEUP HIGH WRITEUP
Exiv2 < 0.26 - Out-of-Bounds Read
In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case.
CVSS 8.1