CVE-2006-4168

EPSS 7.5%

libexif

Published: 6/14/2007Modified: 4/28/2026

Description

Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components, which triggers a heap-based buffer overflow.

Affected packages (2)

Debian/libexiffrom 0, < 0.6.16-1
Debian/libexiffrom 0, < 0.6.13-5etch1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-4168