ID CVE-2012-2841
Summary Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.
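The summary above describes the bug class: the space left in a caller-supplied buffer is computed in unsigned arithmetic from a `maxlen`-style size parameter, so a small or zero size wraps the result to a value near UINT_MAX, and the copy that uses that value as its bound runs off the end of the heap allocation. The C program below is an added illustration of that pattern beside a hardened variant; it is not libexif's code, and `unsafe_remaining`, `safe_remaining`, `append_bounded` and `format_tag` are hypothetical names chosen for the example. The vulnerable variant only computes the wrapped size (it never performs the out-of-bounds write) so the program is safe to run.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern (illustrative, not libexif's code): remaining room is
 * computed in unsigned arithmetic as maxlen - strlen(val) - 1.  When maxlen is
 * 0, or smaller than the text already in val, the subtraction wraps to a value
 * near UINT_MAX.  Handing that to strncat() as its length bound would let the
 * copy run past the end of a small heap buffer, which is the CVE's overflow. */
unsigned int unsafe_remaining(const char *val, unsigned int maxlen)
{
    return maxlen - (unsigned int)strlen(val) - 1;
}

/* Hardened replacement: returns the number of bytes that may still be appended
 * (excluding the terminating NUL), and 0 whenever there is no room.  The
 * comparison is done before any subtraction, so nothing can wrap. */
size_t safe_remaining(const char *val, size_t maxlen)
{
    size_t used = strlen(val);
    if (maxlen == 0 || used >= maxlen - 1)
        return 0;
    return maxlen - used - 1;
}

/* Append piece to val, never writing more than maxlen bytes in total.
 * Returns the number of characters actually appended. */
size_t append_bounded(char *val, size_t maxlen, const char *piece)
{
    size_t room = safe_remaining(val, maxlen);
    size_t n = strlen(piece);
    if (room == 0)
        return 0;
    if (n > room)
        n = room;
    strncat(val, piece, n);   /* writes n bytes plus a NUL; room excludes the NUL */
    return n;
}

/* Hypothetical formatter standing in for "format an EXIF tag into a caller
 * supplied buffer": writes "name: value", truncating instead of overflowing. */
char *format_tag(char *val, size_t maxlen, const char *name, const char *value)
{
    if (maxlen == 0)
        return val;           /* cannot even write the terminator */
    val[0] = '\0';
    append_bounded(val, maxlen, name);
    append_bounded(val, maxlen, ": ");
    append_bounded(val, maxlen, value);
    return val;
}

int main(void)
{
    char small[10];
    char big[64];

    /* maxlen 0 with an empty buffer: 0 - 0 - 1 wraps to UINT_MAX */
    printf("unsafe remaining (maxlen=0): %u\n", unsafe_remaining("", 0));
    printf("safe remaining   (maxlen=0): %zu\n", safe_remaining("", 0));

    /* constructed tag name and value; the 10-byte buffer forces truncation */
    printf("truncated: \"%s\"\n", format_tag(small, sizeof small, "FNumber", "f/2.8"));
    printf("full:      \"%s\"\n", format_tag(big, sizeof big, "FNumber", "f/2.8"));
    return 0;
}
```

The check to carry into a review of any string-formatting routine with a caller-supplied size is the one in `safe_remaining`: compare before subtracting, treat `maxlen == 0` and `maxlen == 1` as "no room", and never feed a computed remainder to `strncat`/`snprintf` without that guard.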
References
Vulnerable Configurations
  • cpe:2.3:a:curtis_galloway:libexif:0.6.20:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 28-11-2016 - 19:08)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 839203
title heap-based out-of-bounds array read
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment libexif is earlier than 0:0.6.21-1.el5_8
          oval oval:com.redhat.rhsa:tst:20121255002
        • comment libexif is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070501008
      • AND
        • comment libexif-devel is earlier than 0:0.6.21-1.el5_8
          oval oval:com.redhat.rhsa:tst:20121255004
        • comment libexif-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070501010
  • AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment libexif is earlier than 0:0.6.21-5.el6_3
          oval oval:com.redhat.rhsa:tst:20121255010
        • comment libexif is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20121255011
      • AND
        • comment libexif-devel is earlier than 0:0.6.21-5.el6_3
          oval oval:com.redhat.rhsa:tst:20121255012
        • comment libexif-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20121255013
rhsa
id RHSA-2012:1255
released 2012-09-11
severity Moderate
title RHSA-2012:1255: libexif security update (Moderate)
rpms
  • libexif-0:0.6.21-1.el5_8
  • libexif-devel-0:0.6.21-1.el5_8
  • libexif-0:0.6.21-5.el6_3
  • libexif-devel-0:0.6.21-5.el6_3
refmap via4
bid 54437
debian DSA-2559
mlist [libexif-devel] 20120712 libexif project security advisory July 12, 2012
secunia 49988
suse
  • SUSE-SU-2012:0902
  • SUSE-SU-2012:0903
ubuntu USN-1513-1
Last major update 28-11-2016 - 19:08
Published 13-07-2012 - 10:34