Debian Libexif vulnerabilities
27 known vulnerabilities affecting debian/libexif.
Total CVEs: 27
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 11, MEDIUM 10, LOW 3
Vulnerabilities
Page 2 of 2
CVE-2012-2813 | MEDIUM | CVSS 6.4 | fixed in libexif 0.6.20-3 (bookworm) | 2012
The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
Scope: local
bookworm: resolved (fixed in 0.6.20-3)
bullseye: resolved (fixed in 0
debian
CVE-2009-3895 | MEDIUM | CVSS 6.8 | fixed in libexif 0.6.19-1 (bookworm) | 2009
Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party information.
Scope: local
bookworm: resolved (fixed in 0.6.19-1)
bu
debian
CVE-2007-2645 | CRITICAL | CVSS 9.3 | PoC | fixed in libexif 0.6.15-1 (bookworm) | 2007
Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.
Scope: local
bookworm: resolved (fixed in 0.6.15-1)
bullseye: resolved (fixed in 0.6.15-1)
f
debian
CVE-2007-6352 | MEDIUM | CVSS 6.8 | fixed in libexif 0.6.16-2.1 (bookworm) | 2007
Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.
Scope: local
bookworm: resolved (fixed in 0.6.16-2.1)
bullseye: resolved (fixed in 0.6.16-2.1)
forky: resolved (fixed in 0.6.16-2.1)
sid: resolve
debian
CVE-2007-6351 | LOW | CVSS 4.3 | fixed in libexif 0.6.16-2.1 (bookworm) | 2007
CVE-2007-6351 [MEDIUM] CVE-2007-6351: libexif - libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial ...
libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write function in exif_loader.c.
Scope: local
bookworm: resolved (fixed in 0.6.16-2.1)
bullseye: resolved (fixed in 0.6.16-2.1)
forky: resolved (fixed in 0.6.16-2.1)
sid: resolved
debian
CVE-2006-4168 | MEDIUM | CVSS 6.8 | fixed in libexif 0.6.16-1 (bookworm) | 2006
Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components, which triggers a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 0.6.16-1)
bullseye: resolved (fixed
debian
CVE-2005-0664 | LOW | CVSS 2.6 | fixed in libexif 0.6.9-5 (bookworm) | 2005
Buffer overflow in the EXIF library (libexif) 0.6.9 does not properly validate the structure of the EXIF tags, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a JPEG image with a crafted EXIF tag.
Scope: local
bookworm: resolved (fixed in 0.6.9-5)
bullseye: resolved (fixed in 0.6.9-5)
forky: resolve
debian