Synopsis: Moderate: libexif integer overflow
Issue date: 2007-06-14
CVE Names: CVE-2007-4168
An integer overflow flaw was found in the way libexif parses EXIF image
tags. If a victim opens a carefully crafted EXIF image file it could cause
the application linked against libexif to execute arbitrary code or crash.
(CVE-2007-4168)
SL 4.x
SRPMS:
libexif-0.5.12-5.1.0.2.src.rpm
i386:
libexif-0.5.12-5.1.0.2.i386.rpm
libexif-devel-0.5.12-5.1.0.2.i386.rpm
x86_64:
libexif-0.5.12-5.1.0.2.i386.rpm
libexif-0.5.12-5.1.0.2.x86_64.rpm
libexif-devel-0.5.12-5.1.0.2.x86_64.rpm
SL 5.x
SRPMS:
libexif-0.6.13-4.0.2.el5.src.rpm
i386:
libexif-0.6.13-4.0.2.el5.i386.rpm
libexif-devel-0.6.13-4.0.2.el5.i386.rpm
x86_64:
libexif-0.6.13-4.0.2.el5.i386.rpm
libexif-0.6.13-4.0.2.el5.x86_64.rpm
libexif-devel-0.6.13-4.0.2.el5.i386.rpm
libexif-devel-0.6.13-4.0.2.el5.x86_64.rpm
-Connie Sieh
-Troy Dawson