|
|
|
|
| |
Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=543
|
| |
Vulnerable Systems:
* libexif version 0.6.13 through 0.6.15
Immune Systems:
* libexif version 0.6.16
The problem exists while parsing a tagged image with a large number of Exif components. Applications using this library are susceptible to a heap overflow when an integer overflow is triggered in the exif_data_load_data_entry function.
Analysis:
Exploitation requires that a targeted user process a malicious image using one of several available tools that utilize libexif for Exif tag parsing. These tools include, but are not limited to, several applications included in the GNOME and KDE desktops.
Vendor response:
The libexif maintainers have released version 0.6.16 of libexif to address this vulnerability.
CVE Information:
CVE-2006-4168
Disclosure Timeline:
08/16/2006 - Initial vendor notification
06/05/2007 - Second vendor notification
06/11/2007 - Initial vendor response
06/13/2007 - Coordinated public disclosure
|
|
|
|
|
