MidnightBSD

Advisories for openexif_project

CVE-2017-11115 MEDIUM

The ExifJpegHUFFTable::deriveTable function in ExifHuffmanTable.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted jpg file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
openexif_project openexif 2.1.4
CVE-2017-11116 MEDIUM

The ExifImageFile::readDQT function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted jpg file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
openexif_project openexif 2.1.4
CVE-2017-11117 MEDIUM

The ExifImageFile::readDHT function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted jpg file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
openexif_project openexif 2.1.4
CVE-2017-11118 HIGH

The ExifImageFile::readImage function in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted jpg file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-835,

Products Affected

Vendor Product Version
openexif_project openexif 2.1.4
CVE-2017-14931 MEDIUM

ExifImageFile::readDQT in ExifImageFileRead.cpp in OpenExif 2.1.4 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted JPEG file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
openexif_project openexif 2.1.4