CVE-2007-6352

Published: 20 December 2007

Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.

Priority

Medium

Status

Package Release Status
libexif
Launchpad, Ubuntu, Debian
Upstream
Released (0.6.16-2.1)
Patches:
Vendor: http://patch-tracking.debian.net/patch/series/view/libexif/0.6.16-2.1/CVE-2007-6352