Launchpad CVE tracker

CVE 2007-6351

libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write function in exif_loader.c.

Related bugs and status

CVE-2007-6351 (Candidate) is related to these bugs:

Bug #181713: [libexif] [CVE-2007-6351] [CVE-2007-6352] possibility of DoS or arbitrary code execution

Summary				In	Importance	Status
	181713	[libexif] [CVE-2007-6351] [CVE-2007-6352] possibility of DoS or arbitrary code execution		libexif (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.redha...
REDHAT: RHSA-2007:1165
SECTRACK: 1019124
SECUNIA: 28076
SECUNIA: 28127
CONFIRM: https://bugzilla.redha...
CONFIRM: https://bugzilla.redha...
FEDORA: FEDORA-2007-4608
FEDORA: FEDORA-2007-4667
SECUNIA: 28195
CONFIRM: http://bugs.gentoo.org...
GENTOO: GLSA-200712-15
SECUNIA: 28266
CONFIRM: https://issues.rpath.c...
SECUNIA: 28346
MANDRIVA: MDVSA-2008:005
SECUNIA: 28400
SUSE: SUSE-SR:2008:002
SECUNIA: 28636
DEBIAN: DSA-1487
BID: 26976
SECUNIA: 28776
UBUNTU: USN-654-1
SECUNIA: 32274
OSVDB: 42652
VUPEN: ADV-2007-4278
XF: libexif-exifloaderwrit...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20080105 rPSA-2008-000...

Launchpad.net

CVE 2007-6351

Related bugs and status

Related bugs

References