QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-4168

Back to search

CVE-2006-4168

Published: Jun 14, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components, which triggers a heap-based buffer overflow.

VendorProductVersions

n/a

n/a

affected
n/a

References

SUSE-SA:2007:039
vendor-advisory
x_refsource_SUSE
25717
third-party-advisory
x_refsource_SECUNIA
26083
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2007:014
vendor-advisory
x_refsource_SUSE
24461
vdb-entry
x_refsource_BID
MDKSA-2007:128
vendor-advisory
x_refsource_MANDRIVA
DSA-1310
vendor-advisory
x_refsource_DEBIAN
GLSA-200706-09
vendor-advisory
x_refsource_GENTOO
1018240
vdb-entry
x_refsource_SECTRACK
USN-478-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2007:0501
vendor-advisory
x_refsource_REDHAT
25746
third-party-advisory
x_refsource_SECUNIA
25768
third-party-advisory
x_refsource_SECUNIA
25645
third-party-advisory
x_refsource_SECUNIA
25674
third-party-advisory
x_refsource_SECUNIA
25842
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:9349
vdb-entry
signature
x_refsource_OVAL
35379
vdb-entry
x_refsource_OSVDB
25820
third-party-advisory
x_refsource_SECUNIA
25932
third-party-advisory
x_refsource_SECUNIA
ADV-2007-2165
vdb-entry
x_refsource_VUPEN
20070622 FLEA-2007-0028-1: libexif
mailing-list
x_refsource_BUGTRAQ
25642
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now