CVE-2017-7544
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-7544
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c caused by improper length computation of the allocated data of an ExifMnote entry which can cause denial-of-service or possibly information disclosure.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨界内存读
Source: NVD (National Vulnerability Database)
Vulnerability Title
libexif 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
libexif是一个使用C语言编写的函数库,用于从图形文件中读写EXIF元信息。 libexif 0.6.21及之前的版本中的libexif/exif-data.c文件的‘exif_data_save_data_entry’函数存在安全漏洞,该漏洞源于程序没有正确的计算分配数据的长度。攻击者可利用该漏洞造成拒绝服务或获取信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Red Hat, Inc. | libexif | through 0.6.21 | - |
II. Public POCs for CVE-2017-7544
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-7544
请登录查看更多情报信息。
- https://sourceforge.net/p/libexif/bugs/130/x_refsource_MISC
- http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.htmlvendor-advisoryx_refsource_SUSE
- https://nvd.nist.gov/vuln/detail/CVE-2017-7544
Same Patch Batch · Red Hat, Inc. · 2017-09-21 · 3 CVEs total
| CVE-2017-12170 | Fedora pure-ftpd 配置错误漏洞 | |
| CVE-2017-7549 | Red Hat OpenStack Platform 后置链接漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-125
- CVE-2026-8177
XML::LibXML versions through 2.0210 for Perl read out-of-bou - CVE-2026-6104
Global buffer over-read in mb_convert_encoding() with attack - CVE-2026-7258
Out-of-bounds read in urldecode() on NetBSD - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-3508
ASUS System Control Interface 缓冲区错误漏洞
V. Comments for CVE-2017-7544
No comments yet