#VU31855 Infinite loop in libexif - CVE-2007-6351

Cybersecurity Help s.r.o.

Published: 2020-07-26

Vulnerability identifier: #VU31855

Vulnerability risk: Low

CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2007-6351

CWE-ID: CWE-835

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libexif
Universal components / Libraries / Libraries used by multiple products

Vendor: libexif.sourceforge.net

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in the the exif_loader_write function in exif_loader.c. A remote attacker can consume all available system resources and cause denial of service conditions via a specially crafted image.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libexif: 0.6.9 - 0.6.16

External links
https://bugs.gentoo.org/show_bug.cgi?id=202350
https://security.gentoo.org/glsa/glsa-200712-15.xml
https://www.debian.org/security/2008/dsa-1487
https://www.mandriva.com/security/advisories?name=MDVSA-2008:005
https://www.novell.com/linux/security/advisories/suse_security_summary_report.html
https://www.redhat.com/support/errata/RHSA-2007-1165.html
https://www.securityfocus.com/archive/1/485822/100/0/threaded
https://www.securityfocus.com/bid/26976
https://www.securitytracker.com/id?1019124
https://www.ubuntu.com/usn/usn-654-1
https://www.vupen.com/english/advisories/2007/4278
https://bugzilla.redhat.com/show_bug.cgi?id=425551
https://bugzilla.redhat.com/show_bug.cgi?id=425621
https://bugzilla.redhat.com/show_bug.cgi?id=425631
https://exchange.xforce.ibmcloud.com/vulnerabilities/39166
https://issues.rpath.com/browse/RPL-2068
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9420
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00597.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00626.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for libexif

Multiple vulnerabilities in libexif