Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6352

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-6352
Last Modified 07 Mar 2011 12:00:00
Published 19 Dec 2007 09:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6352

Summary

Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.

Vulnerable Systems

Application

  • Libexif 0.6.16


References

FEDORA - FEDORA-2007-4667

FEDORA - FEDORA-2007-4608

CONFIRM - https://issues.rpath.com/browse/RPL-2068

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=425631

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=425621

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=425561

XF - libexif-exifdataloaddatathumbnail-bo(39167)

VUPEN - ADV-2008-0947

VUPEN - ADV-2007-4278

UBUNTU - USN-654-1

SECTRACK - 1019124

BID - 26942

BUGTRAQ - 20080105 rPSA-2008-0006-1 libexif

REDHAT - RHSA-2007:1166

REDHAT - RHSA-2007:1165

SUSE - SUSE-SR:2008:002

MANDRIVA - MDVSA-2008:005

DEBIAN - DSA-1487

SUNALERT - 234701

GENTOO - GLSA-200712-15

SECUNIA - 32274

SECUNIA - 29381

SECUNIA - 28776

SECUNIA - 28636

SECUNIA - 28400

SECUNIA - 28346

SECUNIA - 28266

SECUNIA - 28195

SECUNIA - 28127

SECUNIA - 28076

OSVDB - 42653

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=202350

Related Patches

Novell SUSE 2008:4884 libexif security update for SLE 10 SP1 i586


Last Updated: 27 May 2016 10:46:28