CVE-2007-6352

2007-12-20 03:46:00 2018-10-15 23:52:19

Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Libexif Libexif 0.6.16 (not an official CPE)

Libexif - Libexif

Advisory	Patch	Confirmed	Link
			FEDORA-2007-4667
			FEDORA-2007-4608
			https://issues.rpath.com/browse/RPL-2068
			libexif-exifdataloaddatathumbnail-bo(39167)
			https://bugzilla.redhat.com/show_bug.cgi?id=425631
			https://bugzilla.redhat.com/show_bug.cgi?id=425621
			https://bugzilla.redhat.com/show_bug.cgi?id=425561
			ADV-2008-0947
			USN-654-1
			ADV-2007-4278
			26942
			1019124
			RHSA-2007:1166
			20080105 rPSA-2008-0006-1 libexif
			RHSA-2007:1165
			SUSE-SR:2008:002
			234701
			DSA-1487
			MDVSA-2008:005
			GLSA-200712-15
			http://bugs.gentoo.org/show_bug.cgi?id=202350

CVE-2007-6352

2007-12-20 03:46:00 2018-10-15 23:52:19

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)