Skip to main content

Libexif CVE-2012-2813

MEDIUM
Buffer Overflow (CWE-119)
2012-07-13 chrome-cve-admin@google.com
6.4
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:P/I:N/A:P
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Jul 13, 2012 - 10:34 cve.org
MEDIUM 6.4

DescriptionCVE.org

The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.

AnalysisAI

The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image. Affected products include: Libexif Project Libexif. Version information: before 0.6.21.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2017-7544 CRITICAL POC
9.1 Sep 21

libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in l

CVE-2020-13112 CRITICAL
9.1 May 21

An issue was discovered in libexif before 0.6.22. Rated critical severity (CVSS 9.1), this vulnerability is remotely exp

CVE-2012-2841 HIGH
7.5 Jul 13

Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6

CVE-2012-2814 HIGH
7.5 Jul 13

Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.

CVE-2020-13113 HIGH
8.2 May 21

An issue was discovered in libexif before 0.6.22. Rated high severity (CVSS 8.2), this vulnerability is remotely exploit

CVE-2012-2840 HIGH
7.5 Jul 13

Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif

CVE-2020-0198 HIGH
7.5 Jun 11

In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. Rated high se

CVE-2020-0181 HIGH
7.5 Jun 11

In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. Rated

CVE-2020-13114 HIGH
7.5 May 21

An issue was discovered in libexif before 0.6.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploit

CVE-2026-32775 HIGH
7.4 Mar 16

Integer underflow in libexif 0.6.25 and earlier allows local attackers to overwrite memory via crafted MakerNote EXIF da

CVE-2012-2836 MEDIUM
6.4 Jul 13

The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remot

CVE-2012-2812 MEDIUM
6.4 Jul 13

The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows rem

Share

CVE-2012-2813 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy