Libexif Security Vulnerabilities and Issues — Libexif CVE List

Lucene search

Libexif ProjectLibexif

7 matches found

CVE•added 2012/07/13 10:34 a.m.•105 views

CVE-2012-2836

The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.

6.4CVSS6.6AI score0.04678EPSS

CVE•added 2012/07/13 10:34 a.m.•90 views

CVE-2012-2841

Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buff...

7.5CVSS7.4AI score0.05429EPSS

CVE•added 2012/07/13 10:34 a.m.•84 views

CVE-2012-2812

The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.

6.4CVSS6.6AI score0.00928EPSS

CVE•added 2012/07/13 10:34 a.m.•84 views

CVE-2012-2813

The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.

6.4CVSS6.6AI score0.00852EPSS

CVE•added 2012/07/13 10:34 a.m.•83 views

CVE-2012-2814

Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.

7.5CVSS8AI score0.0671EPSS

CVE•added 2012/07/13 10:34 a.m.•83 views

CVE-2012-2837

The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags that are not properly handled during the formatting...

5CVSS6.2AI score0.01256EPSS

CVE•added 2012/07/13 10:34 a.m.•83 views

CVE-2012-2840

Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.

7.5CVSS7.7AI score0.02169EPSS