Buffer Overflow Vulnerability in EXIF Tag Parsing Library Affects Multiple Vendors
CVE-2012-2814

Currently unrated

Key Information:

Vendor: Libexif Project
Status: Libexif
Vendor: CVE Published:; 13 July 2012

🔔 Create Libexif Project Vulnerability Alert

What is CVE-2012-2814?

A vulnerability in the EXIF Tag Parsing Library (libexif) version 0.6.20 presents a buffer overflow risk through the exif_entry_format_value function in exif-entry.c. This flaw could enable remote attackers to exploit crafted EXIF tags within images, potentially leading to a denial of service or the execution of arbitrary code. It is crucial for affected systems to apply available patches and employ defensive coding practices to mitigate such vulnerabilities.

References

http://www.securityfocus.com/bid/54437

vdb-entryx_refsource_BID

http://www.debian.org/security/2012/dsa-2559

vendor-advisoryx_refsource_DEBIAN

http://lists.opensuse.org/opensuse-security-announce/2012...

vendor-advisoryx_refsource_SUSE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 13, 2012
Vulnerability Reserved
May 19, 2012

CVE-2012-2814 Data

JSON