New Search

Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components which triggers a heap-based buffer overflow.

oval:org.mitre.oval:def:9349

Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components which triggers a heap-based buffer overflow.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 4
  • Oracle Linux 4
  • Red Hat Enterprise Linux 5
  • CentOS Linux 5
  • Oracle Linux 5
  • CentOS Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2006-4168
Product(s):