QwikSec

Security Database

CVE

CWE

Training

CVE-2017-18234

Published: Mar 15, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and XMPFiles/source/FormatSupport/TIFF_Support.hpp.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://cgit.freedesktop.org/exempi/commit/?id=c26d5beb60a5a85f76259f50ed3e08c8169b0a0c

x_refsource_CONFIRM

[debian-lts-announce] 20180321 [SECURITY] [DLA 1310-1] exempi security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

https://bugs.freedesktop.org/show_bug.cgi?id=100397

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.