- Description
- Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
- Red HatRed Hat does not consider this flaw to have security consequences. For more details please see the following: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240055
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libexif:libexif:0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "197E67B0-6E2C-4AAF-AA7B-AF7A91AF95C4"
},
{
"criteria": "cpe:2.3:a:libexif:libexif:0.5.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "202E1115-B9F9-4518-A2C5-6069C0D75DA0"
},
{
"criteria": "cpe:2.3:a:libexif:libexif:0.6.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4D77F97-C618-43D2-B769-BBA0DBD0F441"
},
{
"criteria": "cpe:2.3:a:libexif:libexif:0.6.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BD998A8-F573-494D-8059-6E374526E8AD"
},
{
"criteria": "cpe:2.3:a:libexif:libexif:0.6.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB7751B3-A9FF-4D76-8C9D-CC92F17B66A7"
},
{
"criteria": "cpe:2.3:a:libexif:libexif:0.6.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58F183B8-C095-4240-8807-73F6B38EE98C"
}
],
"operator": "OR"
}
]
}
]