Summary
The remote host is missing an update to php
announced via advisory MDVSA-2009:167.
Solution
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:167 http://bugs.php.net/bug.php?id=48378
Insight
A vulnerability has been found and corrected in PHP:
- Fixed upstream bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files).
The updated packages have been patched to correct these issues.
Affected: Enterprise Server 5.0
Severity
Classification
-
CVE CVE-2009-2687 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities