Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CEWE PHOTO IMPORTER 6.4.3 Denial of Service via Malformed Image
Vulnerability Description
CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers to crash the application by importing a specially crafted image file. Attackers can create a malformed JPG file with an oversized buffer and trigger the crash through the import functionality during the image processing workflow.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
在释放前未清除敏感信息
Vulnerability Title
CEWE PHOTO IMPORTER 安全漏洞
Vulnerability Description
CEWE PHOTO IMPORTER是英国CEWE公司的一款照片导入工具。 CEWE PHOTO IMPORTER 6.4.3版本存在安全漏洞,该漏洞源于导入特制图像文件,可能导致本地攻击者通过图像处理工作流中的导入功能触发应用程序崩溃,造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A