Full Disclosure mailing list archives
FLEA-2007-0028-1: libexif
From: Foresight Linux Essential Announcement Service <foresight-security-noreply () foresightlinux org>
Date: Fri, 22 Jun 2007 14:56:09 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Foresight Linux Essential Advisory: 2007-0028-1 Published: 2007-06-22 Rating: Moderate Updated Versions: libexif=/conary.rpath.com@rpl:devel//foresight.rpath.org@fl:1-devel//1/0.6.16-0.1-1 group-dist=/foresight.rpath.org@fl:1-devel//1/1.3.1-0.1-3 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4168 Description: Previous versions of the libexif package are vulnerable to an int overflow which could allow a specially-crafted EXIF file to execute arbitrary code on the target system. - --- Copyright 2007 Foresight Linux Project This file is distributed under the terms of the MIT License. A copy is available at http://www.foresightlinux.org/permanent/mit-license.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (GNU/Linux) iQIVAwUBRnwbC9fwEn07iAtZAQKQOBAAqUaml9axC50rzgCIIbZbdxTLdYPT18QG 6yl0/ntsWZMX02gIvtmlc1BFRXE7HbiSlKyseEDtXQAG1QzhhwcAPvTj8np/lYEG FKhw7DwexuERkuPXdOdObLI5oaAoe6v7nZxzHC41mNZWWgpKzMQZwQjvwrO2NPHO mBOM8e7fNFFhNckdf3lIzZbZRwrNObb9WL3BBhs/9ikUSkDi29Rb/BiONOWsKWvK qs4xvKRBsA626Ux0Jhqfb4O8jB49f0SiKU4jpThyMMA7jt2pYJaiIwGSncscFble +8if/FSUnFbqr6fdSPKDywNkcmWtIFFOi/TYkWZU+Gz8tr2iWEKSmZQI5D5EYTji UW5cNJVLBxgGwyGCHFLPRMn6Nz/8V6f8LqCcC07kKJrAD1A9Wc+XEJpovay36wjm 4HBEASvnJqr/nlpAVFr6rcqeFBaSTUhLE+/Du6G+xfAd7lpLpfGP5AJlLDUHY1tK NCOUOwodWPiA/R+FASs07haysILd8hAtEZ3aYwW0amgd2osupobtzFBp7mkZhwDr cqwO1AS4KycGfqOPnvWYPL5RG7P3Iohboyg9TFIcl/vEVB2q+cCG20FzC5eigroe z52OIVxFE9/jmJhIjJPRlyC9t+/QfNK94w3BCYPKCEbHZoJP12Lo+qelbuM0gE4K sHnsx6sI0Ic= =Gv8n -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- FLEA-2007-0028-1: libexif Foresight Linux Essential Announcement Service (Jun 22)
- <Possible follow-ups>
- FLEA-2007-0028-1: libexif Foresight Linux Essential Announcement Service (Jun 22)
- FLEA-2007-0028-1: libexif Foresight Linux Essential Announcement Service (Jun 22)