Mandriva Update For Libexif MDKSA-2007:128 (libexif) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Another integer overflow was found in the way libexif parses EXIF image tags. An individual who opened a carefully-crafted EXIF image file could cause the application linked against libexif to crash or possibly execute arbitrary code. Updated packages have been patched to prevent this issue.

Affected

libexif on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64, Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64

Severity

Classification

CVE CVE-2006-4168

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:040 (dia)
Mandrake Security Advisory MDVSA-2009:180 (compface)
Mandrake Security Advisory MDVSA-2009:004 (pam_mount)
Mandrake Security Advisory MDVSA-2009:082 (krb5)
Mandrake Security Advisory MDVSA-2009:114 (ipsec-tools)

Mandriva Update for libexif MDKSA-2007:128 (libexif)

Take action and discover your vulnerabilities