CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-7730 – exempi: Heap-based buffer overflow in PSD_MetaHandler::CacheFileData function in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp allows for denial of service via crafted XLS file
https://notcve.org/view.php?id=CVE-2018-7730
06 Mar 2018 — An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function. Se ha descubierto un problema en Exempi hasta su versión 2.4.4. Cierto caso de longitud 0xffffffff se gestiona de manera incorrecta en XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, lo que conduce a una sobrelectura de búfer basada en memoria dinámica (heap) en ... • https://access.redhat.com/errata/RHSA-2019:2048 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-7731 – Ubuntu Security Notice USN-3668-1
https://notcve.org/view.php?id=CVE-2018-7731
06 Mar 2018 — An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class. Se ha descubierto un problema en Exempi hasta su versión 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp no comprueba si un bitstream tiene un valor NULL, lo que conduce a una desreferencia de puntero NULL en la clase WEBP::VP8XChunk. It was discovered that Exempi incorrectly handled cert... • https://bugs.freedesktop.org/show_bug.cgi?id=105247 • CWE-476: NULL Pointer Dereference •