CVE-2007-2645

EPSS 32.1%

libexif - several vulnerabilities

Published: 5/14/2007Modified: 4/28/2026

Description

Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff or (2) s variable.

Affected packages (2)

Debian/libexiffrom 0, < 0.6.15-1
Debian/libexiffrom 0, < 0.6.9-6sarge2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-2645