CVE-2009-3895
Published: 20 November 2009
Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party information.
Notes
| Author | Note |
|---|---|
| mdeslaur | upstream advisory says only 0.6.18 is vulnerable |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libexif Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
| hardy |
Not vulnerable
(0.6.16-2.1ubuntu0.1)
|
|
| intrepid |
Not vulnerable
(0.6.16-2.1ubuntu1)
|
|
| jaunty |
Not vulnerable
(0.6.16-2.1ubuntu1)
|
|
| karmic |
Not vulnerable
(0.6.17-1)
|
|
| upstream |
Released
(0.6.19)
|
|
|
Patches: upstream: http://libexif.cvs.sourceforge.net/viewvc/libexif/libexif/libexif/exif-entry.c?r1=1.135&r2=1.136&pathrev=HEAD |
||