CVE-2007-6351
published 2007-12-20CVE-2007-6351: libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags…
medium4.3CVSS 3.1
AVNACMAuNCNINAP
libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write function in exif_loader.c.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libexif | < libexif 0.6.16-2.1 (bookworm) | libexif 0.6.16-2.1 (bookworm) |
| libexif_project | libexif | <= 0.6.16 | — |
| libexif_project | libexif | — | — |
| libexif_project | libexif | — | — |
| libexif_project | libexif | >= 0 < 0.6.16-2.1 | 0.6.16-2.1 |
| libexif_project | libexif | >= 0 < 0.6.16-2.1 | 0.6.16-2.1 |
| libexif_project | libexif | >= 0 < 0.6.16-2.1 | 0.6.16-2.1 |
| libexif_project | libexif | >= 0 < 0.6.16-2.1 | 0.6.16-2.1 |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM