libexif vulnerability

2007-06-1100:00:00

ubuntu.com

6.2 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.399 Low

EPSS

Percentile

97.2%

JSON

Releases

Ubuntu 7.04
Ubuntu 6.10
Ubuntu 6.06

Details

Victor Stinner discovered that libexif did not correctly validate the
size of some EXIF header fields. By tricking a user into opening an
image with specially crafted EXIF headers, a remote attacker could cause
the application using libexif to crash, resulting in a denial of service.

OSVersionArchitecturePackageVersionFilename
Ubuntu7.04noarchlibexif12< 0.6.13-5ubuntu0.1UNKNOWN
Ubuntu6.10noarchlibexif12< 0.6.13-4ubuntu0.1UNKNOWN
Ubuntu6.06noarchlibexif12< 0.6.12-2ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	7.04	noarch	libexif12	< 0.6.13-5ubuntu0.1	UNKNOWN
Ubuntu	6.10	noarch	libexif12	< 0.6.13-4ubuntu0.1	UNKNOWN
Ubuntu	6.06	noarch	libexif12	< 0.6.12-2ubuntu0.1	UNKNOWN