Libexif : Security Vulnerabilities, CVEs, CVSS score >= 2
Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.
Max CVSS
6.8
EPSS Score
2.09%
Published
2007-12-20
Updated
2018-10-15
Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.
Max CVSS
9.3
EPSS Score
39.88%
Published
2007-05-14
Updated
2018-10-16
Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components, which triggers a heap-based buffer overflow.
Max CVSS
6.8
EPSS Score
27.56%
Published
2007-06-14
Updated
2018-10-17
Buffer overflow in the EXIF library (libexif) 0.6.9 does not properly validate the structure of the EXIF tags, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a JPEG image with a crafted EXIF tag.
Max CVSS
2.6
EPSS Score
5.58%
Published
2005-05-02
Updated
2018-10-03
4 vulnerabilities found