cpe:/a:exiv2:exiv2 CVE-2007-6353 2007-12-19T20:46:00.000-05:00 2017-08-07T21:29:06.947-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-12-20T14:20:00.000-05:00 BID 26918 SECUNIA 28132 SECUNIA 28178 SECUNIA 28267 SECUNIA 28412 SECUNIA 28610 SECUNIA 32273 VUPEN ADV-2007-4252 DEBIAN DSA-1474 FEDORA FEDORA-2007-4551 FEDORA FEDORA-2007-4591 GENTOO GLSA-200712-16 MANDRIVA MDVSA-2008:006 SUSE SUSE-SR:2008:001 UBUNTU USN-655-1 XF exiv2-setdataarea-bo(39118) MISC http://bugs.gentoo.org/show_bug.cgi?id=202351 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=425921 Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.