SB2019080632 - Red Hat update for exempi

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019080632

SB2019080632 - Red Hat update for exempi

Published: August 6, 2019

Security Bulletin ID SB2019080632
Severity
Low
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Memory corruption (CVE-ID: CVE-2017-18233)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists in the Chunk class in the source code file XMPFiles/source/FormatSupport/RIFF.cpp due to integer overflow and infinite loop when handling Extensible Metadata Platform (XMP) data in .avifiles. A remote attacker can trick the victim into accessing a specially crafted .avi file, trigger memory corruption and cause the service to crash.

2) Use-after-free error (CVE-ID: CVE-2017-18234)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to improper processing of a file that contains JPEG data related to the XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp and XMPFiles/source/FormatSupport/TIFF_Support.hpp source code files. A remote attacker can trick the victim into accessing a file that contains customized JPEG data that submits malicious input, trigger use after free and cause the service to crash.


3) Infinite loop (CVE-ID: CVE-2017-18236)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists in the ASF_Support::ReadHeaderObject function in the source code file XMPFiles/source/FormatSupport/ASF_Support.cpp due to infinite loop when handling .asf files. A remote attacker can trick the victim into accessing a specially crafted .asf file and cause the service to crash.

4) Infinite loop (CVE-ID: CVE-2017-18238)

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists in the TradQT_Manager::ParseCachedBoxesfunction defined in the source code file XMPFiles/source/FormatSupport/QuickTime_Support.cpp due to infinite loop when handling Extensible Metadata Platform (XMP) data in .qt files. A remote attacker can trick the victim into accessing a specially crafted .qtfile, trigger memory corruption and cause the service to crash.

5) Heap-based buffer over-read (CVE-ID: CVE-2018-7730)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness in the PSD_MetaHandler::CacheFileData() function is due to heap-based buffer over-read. A local attacker can submit a specially crafted .xls file, trigger memory corruption and cause the service to crash.

Remediation

Install update from vendor's website.

References