CVE-2007-6352 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-6352
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6352

Description: Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39167 SUSE http://www.novell.com/linux/security/advisories/suse_security_summary_report.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-234701-1 ST 1019124 SAID Secunia Advisory: SA28636 Secunia Advisory: SA28400 Secunia Advisory: SA28346 Secunia Advisory: SA28266 Secunia Advisory: SA28195 Secunia Advisory: SA28127 Secunia Advisory: SA28076 Secunia Advisory: SA28776 Secunia Advisory: SA29381 REDHAT http://www.redhat.com/support/errata/RHSA-2007-1165.html http://www.redhat.com/support/errata/RHSA-2007-1166.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4814 MISC MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:005 GENTOO http://security.gentoo.org/glsa/glsa-200712-15.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1487 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=202350 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/485822/100/0/threaded BID 26942

Return to the previous page.