PublicDate: 2007-06-14 19:30:00 UTC
Candidate: CVE-2006-4168
References:
 https://ubuntu.com/security/notices/USN-478-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4168
Description:
 Integer overflow in the exif_data_load_data_entry function in
 libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to
 cause a denial of service (application crash) or execute arbitrary code via
 an image with many EXIF components, which triggers a heap-based buffer
 overflow.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_libexif: released (0.6.12-2ubuntu0.2)
edgy_libexif: released (0.6.13-4ubuntu0.2)
feisty_libexif: released (0.6.13-5ubuntu0.2)
devel_libexif: released (0.6.16-1)
upstream_libexif: needs-triage