You are here

CVE-2012-2841

Vincent (CVE) Danen's picture
Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.

Details Source

Mitre

Public Date

2012-07-12 00:00:00

Impact

Moderate

Bugzilla

CVE-2012-2841 libexif: "exif_entry_get_value()" integer underflow

Bugzilla ID

839 189

CVSS Status

verified

Base Score

5.10

Base Metrics

AV:N/AC:H/Au:N/C:P/I:P/A:P

Acknowledgements

Red Hat would like to thank Dan Fandrich for reporting this issue.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (libexif) RHSA-2012:1255 2012-09-11
Red Hat Enterprise Linux 6 (libexif) RHSA-2012:1255 2012-09-11

CWE

CWE-190