Heap-based Buffer Over-read in PSD_MetaHandler::CacheFileData() Function

CVE-2018-7730 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.

Learn more about our Web Application Penetration Testing UK.