Libexif Project Libexif vulnerabilities

29 known vulnerabilities affecting libexif_project/libexif.

Total CVEs: 29
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 4, HIGH 11, MEDIUM 13, LOW 1

Vulnerabilities

Page 2 of 2
CVE-2012-2836 | MEDIUM | CVSS 6.4 | ≤ 0.6.20, v0.6.14 +4 more | 2012-07-13
CVE-2012-2836 [MEDIUM] CWE-119: The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
nvd, osv
CVE-2012-2812 | MEDIUM | CVSS 6.4 | ≤ 0.6.20, v0.6.14 +4 more | 2012-07-13
CVE-2012-2812 [MEDIUM] CWE-119: The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
nvd, osv
CVE-2012-2813 | MEDIUM | CVSS 6.4 | ≤ 0.6.20, v0.6.14 +4 more | 2012-07-13
CVE-2012-2813 [MEDIUM] CWE-119: The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
nvd, osv
CVE-2009-3895 | MEDIUM | CVSS 6.8 | v0.6.18 | 2009-11-20
CVE-2009-3895 [MEDIUM] CWE-119: Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party information.
nvd, osv
CVE-2007-6351 | MEDIUM | CVSS 4.3 | ≤ 0.6.16, v0.6.14 +1 more | 2007-12-20
CVE-2007-6351 [MEDIUM]: libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write function in exif_loader.c.
nvd, osv
CVE-2007-6352 | MEDIUM | CVSS 6.8 | ≥ 0, < 0.6.16-2.1 | 2007-12-20
CVE-2007-6352 [MEDIUM]: Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.
osv
CVE-2006-4168 | MEDIUM | CVSS 6.8 | ≥ 0, < 0.6.16-1 | 2007-06-14
CVE-2006-4168 [MEDIUM]: Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components, which triggers a heap-based buffer overflow.
osv
CVE-2007-2645 | CRITICAL | CVSS 9.3 | PoC | ≥ 0, < 0.6.15-1 | 2007-05-14
CVE-2007-2645 [CRITICAL]: Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.
osv
CVE-2005-0664 | LOW | CVSS 2.6 | ≥ 0, < 0.6.9-5 | 2005-05-02
CVE-2005-0664 [LOW]: Buffer overflow in the EXIF library (libexif) 0.6.9 does not properly validate the structure of the EXIF tags, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a JPEG image with a crafted EXIF tag.
osv