DescriptionInteger overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components, which triggers a heap-based buffer overflow.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SA:2007:039, published Tue, 03 Jul 2007 17:00:00 +0000
- SUSE-SR:2007:014, published Fri, 20 Jul 2007 12:00:00 +0000
SUSE Timeline for this CVECVE page created: Fri Jun 28 05:09:16 2013
CVE page last modified: Fri Oct 7 12:45:34 2022