Your submission was sent successfully! Close

CVE-2007-6352

Published: 20 December 2007

Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.

Priority

Medium

Status

Package Release Status
libexif
Launchpad, Ubuntu, Debian
dapper
Released (0.6.12-2ubuntu0.3)
edgy Ignored
(edgy EOL)
feisty
Released (0.6.13-5ubuntu0.3)
gutsy
Released (0.6.16-1ubuntu0.1)
hardy Not vulnerable
(0.6.16-2.1)
upstream
Released (0.6.16-2.1)
Patches:
vendor: http://patch-tracking.debian.net/patch/series/view/libexif/0.6.16-2.1/CVE-2007-6352