openSUSE 10 Security Update : libexif5 (libexif5-3724)

High Nessus Plugin ID 27320


The remote openSUSE host is missing a security update.


A denial of service problem (crash) was fixed in the EXIF Loader of libexif, which could be used to crash the browser or image viewer when it interprets the EXIF tags in prepared JPEG files. (CVE-2007-2645)


Update the affected libexif5 package.

Plugin Details

Severity: High

ID: 27320

File Name: suse_libexif5-3724.nasl

Version: $Revision: 1.8 $

Type: local

Agent: unix

Published: 2007/10/17

Modified: 2014/06/13

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libexif5, cpe:/o:novell:opensuse:10.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2007/06/21

Reference Information

CVE: CVE-2007-2645