// For flags

CVE-2007-6351

libexif infinite recursion flaw (DoS)

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write function in exif_loader.c.

Libexif versión 0.6.16 y anteriores, permite a los atacantes dependiendo del contexto causar una denegación de servicio (recursividad infinita) por medio de un archivo de imagen con etiquetas EXIF especialmente diseñadas, que posiblemente involucra la función exif_loader_write en el archivo exif_loader.c.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-12-14 CVE Reserved
  • 2007-12-20 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-10-23 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (30)
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Libexif Project
Search vendor "Libexif Project"
Libexif
Search vendor "Libexif Project" for product "Libexif"
<= 0.6.16
Search vendor "Libexif Project" for product "Libexif" and version " <= 0.6.16"
-
Affected
Libexif Project
Search vendor "Libexif Project"
Libexif
Search vendor "Libexif Project" for product "Libexif"
0.6.14
Search vendor "Libexif Project" for product "Libexif" and version "0.6.14"
-
Affected
Libexif Project
Search vendor "Libexif Project"
Libexif
Search vendor "Libexif Project" for product "Libexif"
0.6.15
Search vendor "Libexif Project" for product "Libexif" and version "0.6.15"
-
Affected