SuSE9 Security Update : libexif (YOU Patch Number 12045)
Medium Nessus Plugin ID 41185
SynopsisThe remote SuSE 9 host is missing a security-related patch.
DescriptionTwo bugs in libexif were identified by a Google Security Audit done by Meder Kydyraliev.
- Loading EXIF data could be used to cause a infinite recursion and crash. (CVE-2007-6351)
- Integer overflows in the thumbnail handler could be used to overflow buffers and potentially execute code or crash a program using libexif. (CVE-2007-6352)
SolutionApply YOU patch number 12045.