Computer Security

libexif library integer overflow
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



libexif library integer overflow
updated since 05.06.2007
Published:13.06.2007
Source:BUGTRAQ
SecurityVulns ID:7779
Type:library
Level:5/10
Description:Integer overflow on EXIF data parsing.
Affected:LIBEXIF : libexif 0.6
CVE:CVE-2007-2645 (Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 06.13.07: Multiple Vendor libexif Integer Overflow Heap Corruption Vulnerability (13.06.2007)
 documentRPATH, rPSA-2007-0115-1 libexif (05.06.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server