>> libexif EXIF Tag Multiple buffer overflow Vulnerabilities
Title : libexif EXIF Tag Multiple buffer overflow Vulnerabilities VUPEN ID : VUPEN/ADV-2005-0240 CVE ID : CVE-2005-0664 CWE ID : CWE-
Rated as : High Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-03-08
Technical Description
Several vulnerabilities were identified in libexif, which may be exploited by attackers to execute arbitrary commands or conduct Denial of Service attacks. These flaws are due to a buffer overflow error that can be triggered by specifying a crafted EXIF tag.
An attacker can create a specially-crafted image file which, when opened by the victim, can lead to the execution of arbitrary code with the privileges of the application linked against libexif.
