Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes Libexif "exif_data_load_data_entry()" Integer Overflow

Title : Fedora Security Update Fixes Libexif "exif_data_load_data_entry()" Integer Overflow
VUPEN ID : VUPEN/ADV-2007-2029
CVE ID : CVE-2007-2645
Rated as : High Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-04

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format  Receive VUPEN Security notifications by SMS 

A vulnerability has been identified in Fedora, which could be exploited by attackers to execute arbitrary code. This issue is caused by an error in Libexif. For additional information, see : VUPEN/ADV-2007-1761

Affected Products

Fedora Core 7

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/7/

259b0a93b4e96c33c24a75a6d0b312120ac530bf libexif-devel-0.6.15-1.fc7.ppc64.rpm
1e2453c2ca793bcda0729db3cd45b1fa18c21685 libexif-debuginfo-0.6.15-1.fc7.ppc64.rpm
66ed02a08e52eab0d06d120e521ca23ff33679f3 libexif-0.6.15-1.fc7.ppc64.rpm
13c1a5cd5a17155825bf0d77584086fd87f6810a libexif-debuginfo-0.6.15-1.fc7.i386.rpm
052b7d7fdfefbf2c5e18a1b31f2256e00d61d622 libexif-devel-0.6.15-1.fc7.i386.rpm
0494958fb4278f7c859bfa23afaf0eed6e47ed1b libexif-0.6.15-1.fc7.i386.rpm
2fcd5d419e690eff68a9845e9a51d81665ed82d4 libexif-debuginfo-0.6.15-1.fc7.x86_64.rpm
b8904b86c20a7dbc39d9d58164c0258789469c6c libexif-0.6.15-1.fc7.x86_64.rpm
8d8657eb0e463125bea71b1b97d8c6613e73ffd0 libexif-devel-0.6.15-1.fc7.x86_64.rpm
a5e9d7f1d81bb295a13f30681f7eac8b517b47e1 libexif-0.6.15-1.fc7.ppc.rpm
e47125d9b3919724edffb544101305c3dd8e2a4c libexif-debuginfo-0.6.15-1.fc7.ppc.rpm
fe35d26972c90154cb285534be03bebba4be315b libexif-devel-0.6.15-1.fc7.ppc.rpm
500a6a4fda130d4fe4025d6f64feddd29ebac275 libexif-0.6.15-1.fc7.src.rpm

References

http://www.vupen.com/english/advisories/2007/2029
https://www.redhat.com/archives/fedora-package-announce/2007-May/msg00078.html

ChangeLog

2007-06-04 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7


  >> 2009-05-12

     

  Microsoft Patched 14
  Office PowerPoint Flaws

 

  >> 2009-04-28

     

  Adobe Reader / Acrobat
  Vulnerabilities Disclosed

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy