Launchpad CVE tracker

CVE 2007-6352

Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.

Related bugs and status

CVE-2007-6352 (Candidate) is related to these bugs:

Bug #181713: [libexif] [CVE-2007-6351] [CVE-2007-6352] possibility of DoS or arbitrary code execution

Summary				In	Importance	Status
	181713	[libexif] [CVE-2007-6351] [CVE-2007-6352] possibility of DoS or arbitrary code execution		libexif (Ubuntu)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

REDHAT: RHSA-2007:1165
REDHAT: RHSA-2007:1166
BID: 26942
SECTRACK: 1019124
SECUNIA: 28076
SECUNIA: 28127
CONFIRM: https://bugzilla.redha...
CONFIRM: https://bugzilla.redha...
CONFIRM: https://bugzilla.redha...
FEDORA: FEDORA-2007-4608
FEDORA: FEDORA-2007-4667
SECUNIA: 28195
CONFIRM: http://bugs.gentoo.org...
GENTOO: GLSA-200712-15
SECUNIA: 28266
CONFIRM: https://issues.rpath.c...
SECUNIA: 28346
MANDRIVA: MDVSA-2008:005
SECUNIA: 28400
SUSE: SUSE-SR:2008:002
SECUNIA: 28636
DEBIAN: DSA-1487
SECUNIA: 28776
SUNALERT: 234701
SECUNIA: 29381
UBUNTU: USN-654-1
SECUNIA: 32274
OSVDB: 42653
VUPEN: ADV-2007-4278
VUPEN: ADV-2008-0947
XF: libexif-exifdataloadda...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20080105 rPSA-2008-000...

Launchpad.net

CVE 2007-6352

Related bugs and status

Related bugs

References