Download
| Alert*
oval:org.secpod.oval:def:704103
exempi is installed oval:org.secpod.oval:def:114240 exempi is installed oval:org.secpod.oval:def:2000337 An issue was discovered in Exempi before 2.4.3. The PostScript_Support::ConvertToDate function in XMPFiles/source/FormatSupport/PostScript_Support.cpp allows remote attackers to cause a denial of service via a crafted .ps file. oval:org.secpod.oval:def:2000653 An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBP_Support.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service via a crafted .webp file. oval:org.secpod.oval:def:704101 exempi: library to parse XMP metadata Exempi could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:2001627 An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service via a crafted .asf file. oval:org.secpod.oval:def:205303 Exempi provides a library for easy parsing of XMP metadata. It is a port of Adobe XMP SDK to work on UNIX and to be build with GNU automake. It includes XMPCore and XMPFiles. Security Fix: * exempi: Infinite Loop in Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp * exempi: Use after free via ... oval:org.secpod.oval:def:52048 exempi: library to parse XMP metadata Exempi could be made to crash or run programs if it opened a specially crafted file. oval:org.secpod.oval:def:2000969 An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service via crafted XMP data in a .qt file. oval:org.secpod.oval:def:2000129 An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class. oval:org.secpod.oval:def:2000127 An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp. oval:org.secpod.oval:def:2000388 An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, an ... oval:org.secpod.oval:def:2001434 An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData function. oval:org.secpod.oval:def:114239 Exempi provides a library for easy parsing of XMP metadata. It is a port of Adobe XMP SDK to work on UNIX and to be build with GNU automake. It includes XMPCore and XMPFiles. oval:org.secpod.oval:def:503278 Exempi provides a library for easy parsing of XMP metadata. It is a port of Adobe XMP SDK to work on UNIX and to be build with GNU automake. It includes XMPCore and XMPFiles. Security Fix: * exempi: Infinite Loop in Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp * exempi: Use after free via ... oval:org.secpod.oval:def:2000912 An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update function in third-party/zuid/interfaces/MD5.cpp. oval:org.secpod.oval:def:2000778 An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service via crafted XMP data in a .avi file. oval:org.secpod.oval:def:3301730 Security update for exempi oval:org.secpod.oval:def:89049354 This update for exempi fixes the following issues: * CVE-2020-18652: Fixed buffer overflow vulnerability in WEBP_Support.cpp . oval:org.secpod.oval:def:1701639 Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame oval:org.secpod.oval:def:89049423 This update for exempi fixes the following issues: * CVE-2020-18651: Fixed a buffer overflow in ID3 support . oval:org.secpod.oval:def:89049586 This update for exempi fixes the following issues: * CVE-2020-18651: Fixed a buffer overflow in ID3 support . oval:org.secpod.oval:def:3301706 Security update for exempi oval:org.secpod.oval:def:89050729 This update for exempi fixes the following issues: - CVE-2018-12648: Fixed a NULL pointer dereference issue when processing webp files . oval:org.secpod.oval:def:115191 Exempi provides a library for easy parsing of XMP metadata. It is a port of Adobe XMP SDK to work on UNIX and to be build with GNU automake. It includes XMPCore and XMPFiles. oval:org.secpod.oval:def:2000534 The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference. |