Use-after-free vulnerability in Exempi before 2.4.3 allows remote attackers to cause denial of service or other unspecified impact via a .pdf file containing JPEG data.

Use-after-free vulnerability in Exempi before 2.4.3 allows remote attackers to cause denial of service or other unspecified impact via a .pdf file containing JPEG data.

CVE-2017-18234 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and XMPFiles/source/FormatSupport/TIFF_Support.hpp.

Learn more about our Web Application Penetration Testing UK.