{
  "details" : [ "Heap-based buffer overflow in the exif_entry_fix function (aka the tag fixup routine) in libexif/exif-entry.c in libexif 0.6.18 allows remote attackers to cause a denial of service or possibly execute arbitrary code via an invalid EXIF image.  NOTE: some of these details are obtained from third party information." ],
  "statement" : "Not vulnerable. This issue did not affect the versions of libexif as shipped with Red Hat Enterprise Linux 4, or 5.",
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2009-3895\nhttps://nvd.nist.gov/vuln/detail/CVE-2009-3895" ],
  "name" : "CVE-2009-3895",
  "csaw" : false
}