CVE-2007-6355 | Vulnerability Database | Aqua Security

Integer overflow in exiftags before 1.01 has unknown impact and attack vectors, resulting from a field offset overflow that triggers an illegal memory access, a different vulnerability than CVE-2007-6354.

Affected Software

Name	Vendor	Start Version	End Version
Exiftags	Aertherwide	*	1.00 (including)
Exiftags	Aertherwide	0.80 (including)	0.80 (including)
Exiftags	Aertherwide	0.90 (including)	0.90 (including)
Exiftags	Aertherwide	0.91 (including)	0.91 (including)
Exiftags	Aertherwide	0.92 (including)	0.92 (including)
Exiftags	Aertherwide	0.93 (including)	0.93 (including)
Exiftags	Aertherwide	0.94 (including)	0.94 (including)
Exiftags	Aertherwide	0.95 (including)	0.95 (including)
Exiftags	Aertherwide	0.96 (including)	0.96 (including)
Exiftags	Aertherwide	0.97 (including)	0.97 (including)
Exiftags	Aertherwide	0.98 (including)	0.98 (including)
Exiftags	Aertherwide	0.99 (including)	0.99 (including)
Exiftags	Ubuntu	dapper	*
Exiftags	Ubuntu	edgy	*
Exiftags	Ubuntu	feisty	*
Exiftags	Ubuntu	gutsy	*
Exiftags	Ubuntu	upstream	*

References

http://bugs.gentoo.org/show_bug.cgi?id=202354
http://johnst.org/sw/exiftags/CHANGES
http://secunia.com/advisories/28110
http://secunia.com/advisories/28268
http://secunia.com/advisories/29580
http://security.gentoo.org/glsa/glsa-200712-17.xml
http://www.debian.org/security/2008/dsa-1533
http://www.securityfocus.com/bid/26892
http://www.vupen.com/english/advisories/2007/4251

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-6355
CWE	https://cwe.mitre.org/data/definitions/189.html