Libexif Project

Libexif

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2012-2841

  • EPSS 5.43%
  • Veröffentlicht 13.07.2012 10:34:59
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the format...

7.5

CVE-2012-2840

  • EPSS 2.17%
  • Veröffentlicht 13.07.2012 10:34:59
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in a...

5

CVE-2012-2837

  • EPSS 1.26%
  • Veröffentlicht 13.07.2012 10:34:59
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags th...

6.4

CVE-2012-2836

  • EPSS 4.68%
  • Veröffentlicht 13.07.2012 10:34:59
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via cra...

7.5

CVE-2012-2814

  • EPSS 6.71%
  • Veröffentlicht 13.07.2012 10:34:59
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.

6.4

CVE-2012-2813

  • EPSS 0.85%
  • Veröffentlicht 13.07.2012 10:34:59
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory...

6.4

CVE-2012-2812

  • EPSS 0.93%
  • Veröffentlicht 13.07.2012 10:34:59
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via c...

6.8

CVE-2009-3895

  • EPSS 7.66%
  • Veröffentlicht 20.11.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image. NOTE: ...

4.3

CVE-2007-6351

  • EPSS 4.5%
  • Veröffentlicht 20.12.2007 02:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write function in exif_loader.c.