CVE-2012-2813
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2012-2813
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2012-2813.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2012-2813
- Downstream
- Related
- Published
- 2012-07-13T10:34:59Z
- Modified
- 2025-09-19T08:00:03.552235Z
- Summary
- [none]
- Details
-
The exifconvertutf16toutf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.
- References
-
- http://rhn.redhat.com/errata/RHSA-2012-1255.html
- http://secunia.com/advisories/49988
- http://www.debian.org/security/2012/dsa-2559
- http://www.ubuntu.com/usn/USN-1513-1
- http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00015.html
- http://sourceforge.net/mailarchive/message.php?msg_id=29534027
- http://www.securityfocus.com/bid/54437
- https://security.alpinelinux.org/vuln/CVE-2012-2813
Affected packages
Alpine:v3.10 / libexif
Package
- Name
- libexif
- Purl
- pkg:apk/alpine/libexif?arch=source
Alpine:v3.11 / libexif
Package
- Name
- libexif
- Purl
- pkg:apk/alpine/libexif?arch=source
Alpine:v3.12 / libexif
Package
- Name
- libexif
- Purl
- pkg:apk/alpine/libexif?arch=source
Alpine:v3.8 / libexif
Package
- Name
- libexif
- Purl
- pkg:apk/alpine/libexif?arch=source