CVE-2016-6328
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2016-6328
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
整数溢出或超界折返
Source: NVD (National Vulnerability Database)
Vulnerability Title
libexif 数字错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
libexif是一个使用C语言编写的函数库,用于从图形文件中读写EXIF元信息。 libexif中存在整数溢出漏洞。攻击者可利用该漏洞造成拒绝服务和信息泄露(包括:重要堆块的元数据或其他应用程序的敏感数据)。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2016-6328
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | None | https://github.com/Pazhanivelmani/libexif_Android10_r33_CVE-2016-6328 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2016-6328
Please Login to view more intelligence information
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-6328x_refsource_CONFIRM
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.htmlvendor-advisoryx_refsource_SUSE
- https://nvd.nist.gov/vuln/detail/CVE-2016-6328
Same Patch Batch · [UNKNOWN] · 2018-10-31 · 6 CVEs total
| CVE-2018-14651 | Red Hat Gluster 安全漏洞 | |
| CVE-2016-2125 | Samba 输入验证错误漏洞 | |
| CVE-2016-2121 | Redis Labs Redis 权限许可和访问控制问题漏洞 | |
| CVE-2016-5402 | Red Hat CloudForms Management Engine 代码注入漏洞 | |
| CVE-2016-6343 | Red Hat JBoss BPM Suite 跨站脚本漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-190
- CVE-2026-42311
Pillow: OOB Write with Invalid PSD Tile Extents (Integer Ove - CVE-2026-42308
Pillow: Integer overflow when processing fonts - CVE-2026-6664
PgBouncer integer overflow in PgBouncer network packet parsi - CVE-2026-42199
Grid: Integer Overflow in Grid::expand_rows Leads to Safe-AP - CVE-2026-42217
OpenEXR: Shift exponent overflow in `readVariableLengthInteg
V. Comments for CVE-2016-6328
No comments yet