CVE-2018-19107

In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.
Configurations

Configuration 1

cpe:2.3:a:exiv2:exiv2:0.26:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Information

Published : 2018-11-08 08:29

Updated : 2023-01-10 07:15


NVD link : CVE-2018-19107

Mitre link : CVE-2018-19107

CWE
CWE-125

Out-of-bounds Read

CWE-190