CVE-2016-6328 in libexifinfo

Summary

A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).

Be aware that VulDB is the high quality source for vulnerability data.

Responsible

Red Hat, Inc.

Reservation

07/26/2016

Disclosure

10/31/2018

Moderation

VulDB entry created

Entries

1: VDB-126344

CPE

ready

CWE

CWE-190 (Confirmed)

CVSS

6.8

EPSS

0.00693

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-6328
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-6328
CVE Details	https://www.cvedetails.com/cve/CVE-2016-6328/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!