説明
libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write function in exif_loader.c.
AI分析AIによる分析
影響を受ける製品
libexif_projectlibexif
libexif_projectlibexif
0.6.14
libexif_projectlibexif
0.6.15
参照
- http://bugs.gentoo.org/show_bug.cgi?id=202350
- http://osvdb.org/42652
- http://secunia.com/advisories/28076Vendor Advisory
- http://secunia.com/advisories/28127Vendor Advisory
- http://secunia.com/advisories/28195Vendor Advisory
- http://secunia.com/advisories/28266Vendor Advisory
- http://secunia.com/advisories/28346Vendor Advisory
- http://secunia.com/advisories/28400Vendor Advisory
- http://secunia.com/advisories/28636Vendor Advisory
- http://secunia.com/advisories/28776Vendor Advisory
- http://secunia.com/advisories/32274Vendor Advisory
- http://security.gentoo.org/glsa/glsa-200712-15.xml
- http://www.debian.org/security/2008/dsa-1487
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:005
- http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
- http://www.redhat.com/support/errata/RHSA-2007-1165.htmlPatch
- http://www.securityfocus.com/archive/1/485822/100/0/threaded
- http://www.securityfocus.com/bid/26976
- http://www.securitytracker.com/id?1019124
- http://www.ubuntu.com/usn/usn-654-1