CVE-2007-6352
published 2007-12-20CVE-2007-6352: Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libexif | < libexif 0.6.16-2.1 (bookworm) | libexif 0.6.16-2.1 (bookworm) |
| libexif | libexif | <= 0.6.16 | — |
| libexif_project | libexif | >= 0 < 0.6.16-2.1 | 0.6.16-2.1 |
| libexif_project | libexif | >= 0 < 0.6.16-2.1 | 0.6.16-2.1 |
| libexif_project | libexif | >= 0 < 0.6.16-2.1 | 0.6.16-2.1 |
| libexif_project | libexif | >= 0 < 0.6.16-2.1 | 0.6.16-2.1 |
CVSS provenance
nvd6.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM