Published: 06/03/2018 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

An issue exists in Exempi up to and including 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp.

Vulnerable Product	Search on Vulmon	Subscribe to Product
exempi project exempi
canonical ubuntu linux 16.04
canonical ubuntu linux 14.04
canonical ubuntu linux 17.10

Exempi could be made to crash or run programs if it opened a specially crafted file ...

Debian Bug report logs - #892782 CVE-2018-7728 / CVE-2018-7729 / CVE-2018-7730 / CVE-2018-7731 Package: libexempi3; Maintainer for libexempi3 is Michael Biebl <biebl@debianorg>; Source for libexempi3 is src:exempi (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 12 Mar 2018 20:15:05 ...

An issue was discovered in Exempi through 244 There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handlercpp ...

CWE-125 https://cgit.freedesktop.org/exempi/commit/?id=baa4b8a02c1ffab9645d13f0bfb1c0d10d311a0c https://bugs.freedesktop.org/show_bug.cgi?id=105206 https://usn.ubuntu.com/3668-1/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BCFXKOOATZ2B5G3G7EBXZWVZHEABN4ZV/https://usn.ubuntu.com/3668-1/https://nvd.nist.gov

CVE-2018-7729

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect