ID CVE-2007-2645
Summary Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.
References
Vulnerable Configurations
  • cpe:2.3:a:libexif:libexif:0.5:*:*:*:*:*:*:*
    cpe:2.3:a:libexif:libexif:0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif:libexif:0.5.12:*:*:*:*:*:*:*
    cpe:2.3:a:libexif:libexif:0.5.12:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif:libexif:0.6.9:*:*:*:*:*:*:*
    cpe:2.3:a:libexif:libexif:0.6.9:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif:libexif:0.6.11:*:*:*:*:*:*:*
    cpe:2.3:a:libexif:libexif:0.6.11:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif:libexif:0.6.12:*:*:*:*:*:*:*
    cpe:2.3:a:libexif:libexif:0.6.12:*:*:*:*:*:*:*
  • cpe:2.3:a:libexif:libexif:0.6.13:*:*:*:*:*:*:*
    cpe:2.3:a:libexif:libexif:0.6.13:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 16-10-2018 - 16:44)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
bid 23927
bugtraq 20070604 FLEA-2007-0024-1: libexif
confirm
debian DSA-1487
gentoo GLSA-200706-01
mandriva MDKSA-2007:118
misc http://sourceforge.net/tracker/index.php?func=detail&aid=1716196&group_id=12272&atid=112272
osvdb 35978
secunia
  • 25235
  • 25540
  • 25569
  • 25599
  • 25621
  • 25932
  • 26083
  • 28776
suse
  • SUSE-SA:2007:039
  • SUSE-SR:2007:014
ubuntu USN-471-1
vupen ADV-2007-1761
xf libexif-exifdataloaddata-integer-overflow(34233)
statements via4
contributor Joshua Bressers
lastmodified 2007-05-24
organization Red Hat
statement Red Hat does not consider this flaw to have security consequences. For more details please see the following: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240055
Last major update 16-10-2018 - 16:44
Published 14-05-2007 - 21:19
Back to Top