>> KDE kdegraphics "ExifData::ProcessExifDir()" JPEG-EXIF Denial of Service Vulnerability
Title : KDE kdegraphics "ExifData::ProcessExifDir()" JPEG-EXIF Denial of Service Vulnerability VUPEN ID : VUPEN/ADV-2006-4810 CVE ID : CVE-2006-6297
Rated as : Low Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2006-12-01
Technical Description
A vulnerability has been identified in KDE kdegraphics, which could be exploited by attackers to cause a denial of service. This issue is due to an endless recursion in the "ExifData::ProcessExifDir()" [kfile-plugins/jpeg/exif.cpp] function when processing JPEG-EXIF meta-information, which could be exploited by attackers to crash applications linked against a vulnerable plugin.
