LibEXIF 0.6.x - Exif_Data_Load_Data_Entry Remote Integer Overflow Vulnerability

2007-05-11T00:00:00
ID EDB-ID:30024
Type exploitdb
Reporter Victor Stinner
Modified 2007-05-11T00:00:00

Description

LibEXIF 0.6.x Exif_Data_Load_Data_Entry Remote Integer Overflow Vulnerability. CVE-2007-2645 . Dos exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/23927/info

The libexif library is prone to an integer-overflow vulnerability because the software fails to properly ensure that integer math operations do not result in overflows.

Successful exploits of this vulnerability allow remote attackers to execute arbitrary machine code in the context of an application using the vulnerable library. Failed attempts will likely result in denial-of-service conditions.

Versions of libexif prior to 0.6.14 are vulnerable to this issue. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30024.jpg