CVE-2017-7544
NONE EPSS 86.9%
Published Sep 21, 20178y ago · Modified Jun 17, 20262w ago
Published Sep 21, 2017 8y ago
Last Modified Jun 17, 2026 2w ago
Description
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.
Threat Intelligence
EPSS Exploit Probability
86.9% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-125 Out-of-bounds Read Memory Safety
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| libexif_project | libexif | * | ≤0.6.21 |
References 4
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html
- lists.debian.org https://lists.debian.org/debian-lts-announce/2020/05/msg00016.html
- sourceforge.net https://sourceforge.net/p/libexif/bugs/130/
- usn.ubuntu.com https://usn.ubuntu.com/4277-1/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.