[libexif] [CVE-2007-6351] [CVE-2007-6352] possibility of DoS or arbitrary code execution
Bug #181713 reported by disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libexif (Ubuntu) | Fix Released | Medium | Kees Cook | | |
Bug Description
References:
MDVSA-2008:005 (http://
Quoting:
"An infinite recursion flaw was found in the way that libexif parses
Exif image tags. A carefully crafted Exif image file opened by an
application linked against libexif could cause the application to crash
(CVE-2007-6351).
An integer overflow flaw was also found in how libexif parses
Exif image tags. A carefully crafted Exif image file opened by
an application linked against libexif could cause the application
to crash or execute arbitrary code with the privileges of the user
executing the application (CVE-2007-6352)."
This has also been fixed for Debian:
DSA-1487-1 (http://www.debian.org/security/2008/dsa-1487)