Full Disclosure mailing list archives
FLEA-2007-0028-1: libexif
From: Foresight Linux Essential Announcement Service <foresight-security-noreply () foresightlinux org>
Date: Fri, 22 Jun 2007 13:46:52 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Foresight Linux Essential Advisory: 2007-0028-1 Published: 2007-06-22 Rating: Moderate Updated Versions: libexif=/conary.rpath.com@rpl:devel//foresight.rpath.org@fl:1-devel//1/0.6.16-0.1-1 group-dist=/foresight.rpath.org@fl:1-devel//1/1.3.1-0.1-3 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4168 Description: Previous versions of the libexif package are vulnerable to an int overflow which could allow a specially-crafted EXIF file to execute arbitrary code on the target system. - --- Copyright 2007 Foresight Linux Project This file is distributed under the terms of the MIT License. A copy is available at http://www.foresightlinux.org/permanent/mit-license.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (GNU/Linux) iQIVAwUBRnwLCdfwEn07iAtZAQJIiQ/+K+VOeSKwp0Mm7VCN2OUTCXVJ+ZNHA9Oa Ou8osSS7JKffFwvqOZu8OfEnrhYT+8oxQtkrXI+90TnQQNzbZYdlhHcVTFlXs1uM bDhAk9IpkSPMFptP8Z1S7bq+sVAcygU+o0pNQx3pe5xkNrGexwg/wXDHwjY3SJ4+ OcunQH6KYXT0lNzHOg42jb/B5PjVkF+3EW3GF/3nPIgnI/WI4pQ0YaUGNF3G328J WODqLoJFIMrJb2Yxo1hNiGl2iEw+/wzQRdGkVed2ERcp+2T2epzvdphkBd+3wdJv T04HbB6tVTxWaFPEwODtRZreco2Y2OWy3j5UobWQYt6Uu+/P/YEUxk15DCS5/XEC iPuHUBsweUZtbbG6P8YWZ76HlfhKjM69kuRIeAidPqdqCbQxMisiuccDZxUpPvrP NqQ0eZGI/2gGJpUaau71lhszSPGHPryiwQoFc+FdHJw9sycu5048MIPLkk78WDo7 Dp+BJIvbbJLVNllpVV7SNto5v9sEimGJ3KPZEXBjfT6Ke7q1G4wpsSTgxcW/OxaB GgQ2tnJy9NswPWE43Z438sbWHOCRLI9qliyYRVPTc1oD5PDCNCwt6sgNkaemicym LFnKjsxgsNIT5SF6fLI1kLHfDtGYQRrv8JHI/3To3Ex8ev8IRrX7Z8Jbuvbz7VNk tbiFxAvFJSI= =LLn3 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- FLEA-2007-0028-1: libexif Foresight Linux Essential Announcement Service (Jun 22)
- <Possible follow-ups>
- FLEA-2007-0028-1: libexif Foresight Linux Essential Announcement Service (Jun 22)
- FLEA-2007-0028-1: libexif Foresight Linux Essential Announcement Service (Jun 22)