Oval Definition:	oval:org.mitre.oval:def:23962
Revision Date: 2014-05-26 Version: 40 Title: ELSA-2012:1255: libexif security update (Moderate) Description: Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2012-2812 CVE-2012-2813 CVE-2012-2814 CVE-2012-2836 CVE-2012-2837 CVE-2012-2840 CVE-2012-2841 ELSA-2012:1255-01 Platform(s): Oracle Linux 5 Oracle Linux 6 Product(s): libexif Definition Synopsis rpm test Oracle Linux 5.x AND rpm test libexif-devel is earlier than 0:0.6.21-1.el5_8 OR libexif is earlier than 0:0.6.21-1.el5_8 OR rpm test Oracle Linux 6.x AND rpm test libexif-devel is earlier than 0:0.6.21-5.el6_3 OR libexif is earlier than 0:0.6.21-5.el6_3
BACK