Lucene search
+L

952 matches found

Tenable Nessus
Tenable Nessus
added 2007/06/12 12:0 a.m.19 views

Fedora Core 6 : libexif-0.6.15-1.fc6 (2007-548)

This update to the latest upstream release fixes a number of bugs, among them a possible integer overflow in the exifdataloaddataentry function CVE-2007-2645, which allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted EXIF data...

9.3CVSS6.1AI score0.13162EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2007/06/11 10:22 p.m.47 views

USN-471-1: libexif vulnerability

Victor Stinner discovered that libexif did not correctly validate the size of some EXIF header fields. By tricking a user into opening an image with specially crafted EXIF headers, a remote attacker could cause the application using libexif to crash, resulting in a denial of service...

9.3CVSS5.3AI score0.13162EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/06/07 12:0 a.m.14 views

GLSA-200706-01 : libexif: Integer overflow vulnerability

The remote host is affected by the vulnerability described in GLSA-200706-01 libexif: Integer overflow vulnerability Victor Stinner reported an integer overflow in the exifdataloaddataentry function from file exif-data.c while handling Exif data. Impact : An attacker could entice a user to proces...

9.3CVSS6AI score0.13162EPSS
Exploits1References2
securityvulns
securityvulns
added 2007/06/05 12:0 a.m.50 views

rPSA-2007-0115-1 libexif

rPath Security Advisory: 2007-0115-1 Published: 2007-06-04 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Indirect User Deterministic Denial of Service Updated Versions: libexif=/conary.rpath.com@rpl:devel//1/0.6.15-0.1-1 References: https://vulners.com/cve/CVE-2007-2645...

9.3CVSS6AI score0.13162EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2007/06/05 12:0 a.m.33 views

libexif: Integer overflow vulnerability

Background libexif is a library for parsing, editing and saving Exif data. Description Victor Stinner reported an integer overflow in the exifdataloaddataentry function from file exif-data.c while handling Exif data. Impact An attacker could entice a user to process a file with specially crafted...

9.3CVSS7.3AI score0.13162EPSS
Exploits1
Fedora
Fedora
added 2007/05/31 6:7 p.m.31 views

[SECURITY] Fedora 7 Update: libexif-0.6.15-1.fc7

Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags...

9.3CVSS3.5AI score0.13162EPSS
Exploits1
Prion
Prion
added 2007/05/14 9:19 p.m.15 views

Integer overflow

Integer overflow in the exifdataloaddataentry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted EXIF data, involving the 1 doff or 2 s variable...

9.3CVSS8.2AI score0.13162EPSS
Exploits1References22Affected Software1
NVD
NVD
added 2007/05/14 9:19 p.m.12 views

CVE-2007-2645

Integer overflow in the exifdataloaddataentry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted EXIF data, involving the 1 doff or 2 s variable...

9.3CVSS7.9AI score0.13162EPSS
Exploits1References22
OSV
OSV
added 2007/05/14 9:19 p.m.2 views

DEBIAN-CVE-2007-2645

Integer overflow in the exifdataloaddataentry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted EXIF data, involving the 1 doff or 2 s variable...

9.3CVSS7.8AI score0.13162EPSS
Exploits1References1
OSV
OSV
added 2007/05/14 9:19 p.m.3 views

CVE-2007-2645

Integer overflow in the exifdataloaddataentry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted EXIF data, involving the 1 doff or 2 s variable...

7.9AI score
Exploits0References24
Debian CVE
Debian CVE
added 2007/05/14 9:0 p.m.45 views

CVE-2007-2645

Integer overflow in the exifdataloaddataentry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted EXIF data, involving the 1 doff or 2 s variable...

9.3CVSS7.7AI score0.13162EPSS
Exploits1
Cvelist
Cvelist
added 2007/05/14 9:0 p.m.33 views

CVE-2007-2645

Integer overflow in the exifdataloaddataentry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted EXIF data, involving the 1 doff or 2 s variable...

7.8AI score0.13162EPSS
Exploits1References22
CVE
CVE
added 2007/05/14 9:0 p.m.80 views

CVE-2007-2645

CVE-2007-2645 affects libexif, where an integer overflow in the exif_data_load_data_entry function (in exif-data.c) can be triggered by crafted EXIF data. The vulnerability may cause a crash (DoS) or potentially allow arbitrary code execution. Affected releases are libexif up to version prior to ...

9.3CVSS7.7AI score0.13162EPSS
Exploits1References22Affected Software1
seebug.org
seebug.org
added 2007/05/14 12:0 a.m.19 views

LibEXIF exif_data_load_data_entry函数远程整数溢出漏洞

libexif是用C编写的函数库,用于从图形文件中读写EXIF元信息。 libexif在处理图形文件中的畸形EXIF信息时存在整数溢出漏洞,远程攻击者可能利用此漏洞控制客户机。 如果用户受骗打开了恶意的图形文件的话,就可能触发这个溢出,导致使用该函数库的应用程序崩溃或执行任意指令。漏洞代码位于libexif/exif-data.c文件186行的exifdataloaddataentry函数: / Sanity check / if size doff + s return; entry-data = exifdataalloc data, s; if entry-data...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/05/11 12:0 a.m.14 views

LibEXIF 0.6.x - Exif_Data_Load_Data_Entry Remote Integer Overflow

LibEXIF 0.6.x - ExifDataLoadDataEntry Remote Integer Overflow source: https://www.securityfocus.com/bid/23927/info The libexif library is prone to an integer-overflow vulnerability because the software fails to properly ensure that integer math operations do not result in overflows. Successful...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2007/05/11 12:0 a.m.39 views

LibEXIF 0.6.x - Exif_Data_Load_Data_Entry Remote Integer Overflow

source: https://www.securityfocus.com/bid/23927/info The libexif library is prone to an integer-overflow vulnerability because the software fails to properly ensure that integer math operations do not result in overflows. Successful exploits of this vulnerability allow remote attackers to execute...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/11/06 12:0 a.m.29 views

Solaris 9 (x86) : 121093-01

GNOME 2.6.0x86: libexif Patch. Date this patch was last updated by Sun : Nov/15/05 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

2.6CVSS6.6AI score0.0446EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.10 views

Ubuntu 4.10 : libexif vulnerabilities (USN-91-1)

Sylvain Defresne discovered that the EXIF library did not properly validate the structure of the EXIF tags. By tricking a user to load an image with a malicious EXIF tag, an attacker could exploit this to crash the process using the library, or even execute arbitrary code with the privileges of t...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.23 views

FreeBSD : libexif -- buffer overflow vulnerability (624fe633-9006-11d9-a22c-0001020eed82)

Sylvain Defresne reports that libexif is vulnerable to a buffer overflow vulnerability due to insufficient input checking. This could lead crash of applications using libexif. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...

2.6CVSS5.3AI score0.0446EPSS
Exploits0References3
Debian
Debian
added 2005/04/15 2:18 p.m.38 views

[SECURITY] [DSA 709-1] New libexif packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 709-1 [email protected] http://www.debian.org/security/ Martin Schulze April 15th, 2005 http://www.debian.org/security/faq -...

2.6CVSS0.7AI score0.0446EPSS
Exploits0
Rows per page
Query Builder