Oval Definition:oval:org.mitre.oval:def:20665
Revision Date:2014-02-24Version:100
Title:RHSA-2012:1255: libexif security update (Moderate)
Description:Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2012:1255
CVE-2012-2812
CVE-2012-2813
CVE-2012-2814
CVE-2012-2836
CVE-2012-2837
CVE-2012-2840
CVE-2012-2841
RHSA-2012:1255-01
Platform(s):CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s):libexif
Definition Synopsis
  • Operation system section
  • Redhat 5 or Centos 5 release
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • libexif-devel is earlier than 0:0.6.21-1.el5_8
  • OR libexif is earlier than 0:0.6.21-1.el5_8
  • Operation system section
  • Redhat 6 or Centos 6 release
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • libexif-devel is earlier than 0:0.6.21-5.el6_3
  • OR libexif is earlier than 0:0.6.21-5.el6_3
    • BACK