SuSE 10 Security Update : libexif (ZYPP Patch Number 4884)
Medium Nessus Plugin ID 29957
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionTwo bugs in libexif were identified by a Google Security Audit done by Meder Kydyraliev.
- Loading EXIF data could be used to cause a infinite recursion and crash CVE-2007-6352: Integer overflows in the thumbnail handler could be used to overflow buffers and potentially execute code or crash a program using libexif. (CVE-2007-6351)
SolutionApply ZYPP patch number 4884.