CVE-2006-4168

2007-06-1400:00:00

ubuntu.com

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.261 Low

EPSS

Percentile

96.8%

JSON

Integer overflow in the exif_data_load_data_entry function in
libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to
cause a denial of service (application crash) or execute arbitrary code via
an image with many EXIF components, which triggers a heap-based buffer
overflow.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchlibexif< 0.6.12-2ubuntu0.2UNKNOWN
ubuntu6.10noarchlibexif< 0.6.13-4ubuntu0.2UNKNOWN
ubuntu7.04noarchlibexif< 0.6.13-5ubuntu0.2UNKNOWN