FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Exiv2 -- Multiple vulnerabilities

Affected packages
exiv2 < 0.27.4,1

Details

VuXML ID d49f86ab-d9c7-11eb-a200-00155d01f201
Discovery 2021-04-25
Entry 2021-06-30

Exiv2 team reports:

Multiple vulnerabilities covering buffer overflows, out-of-bounds, read of uninitialized memory and denial of service.

The heap overflow is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file.

The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file.

The read of uninitialized memory is triggered when Exiv2 is used to read the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to leak a few bytes of stack memory, if they can trick the victim into running Exiv2 on a crafted image file.

References

CVE Name CVE-2021-29457
CVE Name CVE-2021-29458
CVE Name CVE-2021-29463
CVE Name CVE-2021-29464
CVE Name CVE-2021-29470
CVE Name CVE-2021-29473
CVE Name CVE-2021-29623
CVE Name CVE-2021-32617
CVE Name CVE-2021-3482
URL https://github.com/Exiv2/exiv2/security/advisories/GHSA-57jj-75fm-9rq5
URL https://github.com/Exiv2/exiv2/security/advisories/GHSA-5p8g-9xf3-gfrr
URL https://github.com/Exiv2/exiv2/security/advisories/GHSA-6253-qjwm-3q4v
URL https://github.com/Exiv2/exiv2/security/advisories/GHSA-7569-phvm-vwc2
URL https://github.com/Exiv2/exiv2/security/advisories/GHSA-8949-hhfh-j7rj
URL https://github.com/Exiv2/exiv2/security/advisories/GHSA-9jp9-m3fv-2vg9
URL https://github.com/Exiv2/exiv2/security/advisories/GHSA-jgm9-5fw5-pw9p
URL https://github.com/Exiv2/exiv2/security/advisories/GHSA-v74w-h496-cgqm
URL https://github.com/Exiv2/exiv2/security/advisories/GHSA-w8mv-g8qq-36mj