Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
NameCVE-2016-6328First vendor Publication2018-10-31
VendorCveLast vendor Modification2019-10-09

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:P)
Cvss Base Score5.8Attack RangeNetwork
Cvss Impact Score4.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328

CWE : Common Weakness Enumeration

%idName
100 %CWE-190Integer Overflow or Wraparound (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Nessus® Vulnerability Scanner

DateDescription
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2017-b24ef59f94.nasl - Type : ACT_GATHER_INFO
2018-01-10Name : The remote Fedora host is missing a security update.
File : fedora_2017-c28bfe0986.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-6328

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-10-10 05:19:33
  • Multiple Updates
2019-01-31 00:18:53
  • Multiple Updates
2018-11-01 05:18:37
  • First insertion