Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN91-1 : libexif vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
libexif vulnerabilities

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- libexif-dev
- libexif10

Description :

Sylvain Defresne discovered that the EXIF library did not properly
validate the structure of the EXIF tags. By tricking a user to load an
image with a malicious EXIF tag, a possible hacker could exploit this to
crash the process using the library, or even execute arbitrary code
with the rights of the process.

Solution :

Upgrade to :
- libexif-dev-0.6.9-1ubuntu0.1 (Ubuntu 4.10)
- libexif10-0.6.9-1ubuntu0.1 (Ubuntu 4.10)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.