CVE-2007-2645

Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.
Configurations

Configuration 1

cpe:2.3:a:libexif:libexif:0.6.9:*:*:*:*:*:*:*
cpe:2.3:a:libexif:libexif:0.6.11:*:*:*:*:*:*:*
cpe:2.3:a:libexif:libexif:0.5.12:*:*:*:*:*:*:*
cpe:2.3:a:libexif:libexif:0.6.12:*:*:*:*:*:*:*
cpe:2.3:a:libexif:libexif:0.5:*:*:*:*:*:*:*
cpe:2.3:a:libexif:libexif:0.6.13:*:*:*:*:*:*:*

Information

Published : 2007-05-14 09:19

Updated : 2018-10-16 04:44


NVD link : CVE-2007-2645

Mitre link : CVE-2007-2645

Products Affected
No products.