Mandriva Linux Security Advisory : exif (MDVSA-2012:107)
Medium Nessus Plugin ID 61960
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionA vulnerability has been discovered and corrected in exif :
An integer overflow in the function jpeg_data_load_data in the exif program could cause a data read beyond the end of a buffer, causing an application crash or leakage of potentially sensitive information when parsing a crafted JPEG file (CVE-2012-2845).
The updated packages have been upgraded to the 0.6.21 version which is not vulnerable to this issue.
SolutionUpdate the affected exif package.