Vulnerabilities > Exiv2

DATE CVE VULNERABILITY TITLE RISK
2017-06-26 CVE-2017-9953 Use After Free vulnerability in multiple products
There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26.
network
low complexity
exiv2 redhat CWE-416
5.0
2017-05-26 CVE-2017-9239 Divide By Zero vulnerability in multiple products
An issue was discovered in Exiv2 0.26.
network
low complexity
exiv2 canonical CWE-369
6.5
2015-01-02 CVE-2014-9449 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.
network
low complexity
exiv2 fedoraproject CWE-119
5.0
2008-06-13 CVE-2008-2696 Numeric Errors vulnerability in Exiv2 0.16
Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.
network
exiv2 CWE-189
4.3
2007-12-20 CVE-2007-6353 Numeric Errors vulnerability in Exiv2
Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
network
low complexity
exiv2 CWE-189
7.5