Denial of Service Vulnerability in EXIF Tag Parsing Library by libexif
CVE-2012-2812

Currently unrated

Key Information:

Vendor: Libexif Project
Status: Libexif
Vendor: CVE Published:; 13 July 2012

🔔 Create Libexif Project Vulnerability Alert

What is CVE-2012-2812?

The EXIF Tag Parsing Library (libexif) contains a vulnerability in the exif_entry_get_value function that can be exploited through specially crafted EXIF tags. Attackers can trigger out-of-bounds read conditions, leading to potential denial of service or the exposure of sensitive information stored in memory. This vulnerability impacts various applications that rely on libexif, highlighting the importance of keeping such libraries updated to mitigate security risks.

References

http://www.securityfocus.com/bid/54437

vdb-entryx_refsource_BID

http://www.debian.org/security/2012/dsa-2559

vendor-advisoryx_refsource_DEBIAN

http://lists.opensuse.org/opensuse-security-announce/2012...

vendor-advisoryx_refsource_SUSE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 13, 2012
Vulnerability Reserved
May 19, 2012

CVE-2012-2812 Data

JSON