Lucene search

[email protected]CVE-2007-6352

HistoryDec 20, 2007 - 2:46 a.m.

CVE-2007-6352

2007-12-2002:46:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2007-6352

integer overflow

libexif

arbitrary code execution

image processing

exif tags

security vulnerability

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.0%

JSON

Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.

CPENameOperatorVersion
libexif:libexiflibexifle0.6.16

CPE	Name	Operator	Version
libexif:libexif	libexif	le	0.6.16

References

bugs.gentoo.org/show_bug.cgi?id=202350

osvdb.org/42653

secunia.com/advisories/28076

secunia.com/advisories/28127

secunia.com/advisories/28195

secunia.com/advisories/28266

secunia.com/advisories/28346

secunia.com/advisories/28400

secunia.com/advisories/28636

secunia.com/advisories/28776

secunia.com/advisories/29381

secunia.com/advisories/32274

security.gentoo.org/glsa/glsa-200712-15.xml

sunsolve.sun.com/search/document.do?assetkey=1-26-234701-1

www.debian.org/security/2008/dsa-1487

www.mandriva.com/security/advisories?name=MDVSA-2008:005

www.novell.com/linux/security/advisories/suse_security_summary_report.html

www.redhat.com/support/errata/RHSA-2007-1165.html

www.redhat.com/support/errata/RHSA-2007-1166.html

www.securityfocus.com/archive/1/485822/100/0/threaded

www.securityfocus.com/bid/26942

www.securitytracker.com/id?1019124

www.ubuntu.com/usn/usn-654-1

www.vupen.com/english/advisories/2007/4278

www.vupen.com/english/advisories/2008/0947/references

bugzilla.redhat.com/show_bug.cgi?id=425561

bugzilla.redhat.com/show_bug.cgi?id=425621

bugzilla.redhat.com/show_bug.cgi?id=425631

exchange.xforce.ibmcloud.com/vulnerabilities/39167

issues.rpath.com/browse/RPL-2068

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11029

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4814

www.redhat.com/archives/fedora-package-announce/2007-December/msg00597.html

www.redhat.com/archives/fedora-package-announce/2007-December/msg00626.html

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.0%

JSON

Related for CVE-2007-6352

prion1 openvas31 nessus24 centos2 debiancve1 ubuntucve1 oraclelinux2 redhat2 veracode1 ubuntu1 fedora2 securityvulns2 altlinux1 gentoo1 osv1 debian1