Published: 06/03/2018 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

An issue exists in Exempi up to and including 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp.

Vulnerable Product	Search on Vulmon	Subscribe to Product
exempi project exempi
canonical ubuntu linux 16.04
canonical ubuntu linux 14.04
canonical ubuntu linux 17.10

Debian Bug report logs - #892782 CVE-2018-7728 / CVE-2018-7729 / CVE-2018-7730 / CVE-2018-7731 Package: libexempi3; Maintainer for libexempi3 is Michael Biebl <biebl@debianorg>; Source for libexempi3 is src:exempi (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 12 Mar 2018 20:15:05 ...

Exempi could be made to crash or run programs if it opened a specially crafted file ...

An issue was discovered in Exempi through 244 There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handlercpp ...

CWE-125 https://cgit.freedesktop.org/exempi/commit/?id=baa4b8a02c1ffab9645d13f0bfb1c0d10d311a0c https://bugs.freedesktop.org/show_bug.cgi?id=105206 https://usn.ubuntu.com/3668-1/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCFXKOOATZ2B5G3G7EBXZWVZHEABN4ZV/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892782 https://usn.ubuntu.com/3668-1/https://nvd.nist.gov

CVE-2018-7729

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect