Exempi through version 2.4.4 is vulnerable to a heap-based buffer overflow in third-party/zuid/interfaces/MD5.cpp:MD5Update() caused by a mishandled case of zero length in XMPFiles/source/FileHandlers/TIFF_Handler.cpp. An attacker could exploit this to cause a denial of service via crafted TIFF image file. Upstream Bug Report: https://bugs.freedesktop.org/show_bug.cgi?id=105205 Upstream Patch: https://cgit.freedesktop.org/exempi/commit/?id=e163667a06a9b656a047b0ec660b871f29a83c9f
Created exempi tracking bugs for this issue: Affects: fedora-all [bug 1555156]