DescriptionInteger overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
SUSE Security Advisories:
SUSE Timeline for this CVECVE page created: Fri Jun 28 03:36:43 2013
CVE page last modified: Thu Dec 7 12:25:15 2023