Back to search
CVE-2009-3895
Published: Nov 20, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: some of these details are obtained from third party information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
37378
third-party-advisory
x_refsource_SECUNIA
http://bugs.gentoo.org/show_bug.cgi?id=293190
x_refsource_CONFIRM
ADV-2009-3243
vdb-entry
x_refsource_VUPEN
[oss-security] 20091119 CVE assignment (libexif)
mailing-list
x_refsource_MLIST
libexif-exifentryfix-bo(54275)
vdb-entry
x_refsource_XF
37022
vdb-entry
x_refsource_BID
59956
vdb-entry
x_refsource_OSVDB
[libexif-devel] 20091113 libexif project security advisory
mailing-list
x_refsource_MLIST
http://bugs.debian.org/557137
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now