Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2017-7544

Published: 21/09/2017 Updated: 11/06/2020
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Subscribe to Libexif Project

Vulnerability Summary

libexif up to and including 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

libexif project libexif

Vendor Advisories

Ubuntu Security Notice: libexif vulnerabilities
Several security issues were fixed in libexif ...
Debian CVElist Bug Report Logs: libexif: CVE-2016-6328: Integer overflow in parsing MNOTE entry data of the input file
Debian Bug report logs - #873022 libexif: CVE-2016-6328: Integer overflow in parsing MNOTE entry data of the input file Package: src:libexif; Maintainer for src:libexif is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 23 A ...
Debian CVElist Bug Report Logs: libexif: CVE-2017-7544: Out-of-bounds heap read in exif_data_save_data_entry function
Debian Bug report logs - #876466 libexif: CVE-2017-7544: Out-of-bounds heap read in exif_data_save_data_entry function Package: src:libexif; Maintainer for src:libexif is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 22 Se ...
Red Hat: CVE-2017-7544
libexif through 0621 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-datac caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure ...
Arch Linux Issues:
Severity Unknown Remote Unknown Type Unknown Description AVG-1166 libexif 0621-1 0622-1 Unknown Vulnerable ...

References

CWE-125https://sourceforge.net/p/libexif/bugs/130/https://usn.ubuntu.com/4277-1/https://lists.debian.org/debian-lts-announce/2020/05/msg00016.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.htmlhttps://usn.ubuntu.com/4277-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook