LibEXIF 0.6.x - Exif_Data_Load_Data_Entry Remote Integer Overflow Vulnerability



source: http://www.securityfocus.com/bid/23927/info


The libexif library is prone to an integer-overflow vulnerability because the software fails to properly ensure that integer math operations do not result in overflows.

Successful exploits of this vulnerability allow remote attackers to execute arbitrary machine code in the context of an application using the vulnerable library. Failed attempts will likely result in denial-of-service conditions.

Versions of libexif prior to 0.6.14 are vulnerable to this issue. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30024.jpg