Integer Overflow in Chunk Class in Exempi Allows for Denial of Service via Crafted XMP Data in .avi File

Integer Overflow in Chunk Class in Exempi Allows for Denial of Service via Crafted XMP Data in .avi File

CVE-2017-18233 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.

Learn more about our Web Application Penetration Testing UK.