CVE-2006-4168 — Integer Overflow or Wraparound in Libexif

CWE-190 — Integer Overflow or Wraparound8 documents8 sources

Severity

6.8MEDIUMNVD

EPSS

7.5%

top 8.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libexif Project Libexif Libexif

Timeline

PublishedJun 14

Latest updateMay 1

Description

Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components, which triggers a heap-based buffer overflow.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

▶Debianlibexif_project/libexif< 0.6.16-1+3

▶NVDlibexif/libexif6 versions+5

Patches

Patch: labs.idefense.com ↗Patch: secunia.com ↗Patch: sourceforge.net ↗

🔴Vulnerability Details

GHSA

GHSA-6mcf-v3q9-5w3p: Integer overflow in the exif_data_load_data_entry function in libexif/exif-data↗2022-05-01

▶

CVEList

CVE-2006-4168: Integer overflow in the exif_data_load_data_entry function in libexif/exif-data↗2007-06-14

▶

OSV

CVE-2006-4168: Integer overflow in the exif_data_load_data_entry function in libexif/exif-data↗2007-06-14

▶

📋Vendor Advisories

Ubuntu

libexif vulnerability↗2007-06-27

▶

Red Hat

libexif integer overflow↗2007-06-13

▶

Debian

CVE-2006-4168: libexif - Integer overflow in the exif_data_load_data_entry function in libexif/exif-data....↗2006

▶

💬Community

Bugzilla

CVE-2006-4168 libexif integer overflow↗2007-06-12

▶