CVE-2012-2836

NONE
Published Jul 13, 201213y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jul 13, 2012 13y ago
Last Modified Jun 16, 2026 2w ago

Description

The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 6

VendorProductVersionRange
libexif_projectlibexif* ≤0.6.20
libexif_projectlibexif0.6.14any
libexif_projectlibexif0.6.15any
libexif_projectlibexif0.6.16any
libexif_projectlibexif0.6.18any
libexif_projectlibexif0.6.19any

References 8

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.