CVE-2007-2645
CVE-2007-2645
Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/30024unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://osvdb.org/35978http://secunia.com/advisories/25235http://secunia.com/advisories/25540http://secunia.com/advisories/25569http://secunia.com/advisories/25599http://secunia.com/advisories/25621http://secunia.com/advisories/25932http://secunia.com/advisories/26083http://secunia.com/advisories/28776http://security.gentoo.org/glsa/glsa-200706-01.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/34233https://issues.rpath.com/browse/RPL-1431