Debian Security Advisory 1487-1 - Several vulnerabilities have been discovered in the EXIF parsing code of the libexif library, which can lead to denial of service or the execution of arbitrary code if a user is tricked into opening a malformed image.
b6cfa3c1a8b083b26a1f2671fec90976a2c45b5f6e05d7e8e597dc8a1512e255Ubuntu Security Notice 471-1 - Victor Stinner discovered that libexif did not correctly validate the size of some EXIF header fields. By tricking a user into opening an image with specially crafted EXIF headers, a remote attacker could cause the application using libexif to crash, resulting in a denial of service.
50176b94bd9ba739cc0cf25d9f94f4fbe3441ce8ee4361d284f0cc16bb61eb4bMandriva Linux Security Advisory - An integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data.
2ad12f001910f1eeed0075ed45b9dc426c4a39fc7cc48f0d6baa9c71c605e5daGentoo Linux Security Advisory GLSA 200706-01 - Victor Stinner reported an integer overflow in the exif_data_load_data_entry() function from file exif-data.c while handling Exif data. Versions less than 0.6.15 are affected.
93c756b460c5bfa2e87100f1927d6e0679f1f7c01341d7f461964af794e249bd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed