RSS   Vulnerabilities for 'Libexif'   RSS

2007-12-19
 
CVE-2007-6352

CWE-189
 

 
Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.

 
2007-05-14
 
CVE-2007-2645

CWE-Other
 

 
Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.

 
2007-06-14
 
CVE-2006-4168

CWE-Other
 

 
Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components, which triggers a heap-based buffer overflow.

 
2005-05-02
 
CVE-2005-0664

 

 
Buffer overflow in the EXIF library (libexif) 0.6.9 does not properly validate the structure of the EXIF tags, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a JPEG image with a crafted EXIF tag.

 


Copyright 2019, cxsecurity.com

 

Back to Top