Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).
No PoCs from references.
- https://github.com/Pazhanivelmani/libexif_Android10_r33_CVE-2016-6328
- https://github.com/TinyNiko/android_bulletin_notes