Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Debian Security Advisory DSA 2559-1 (libexif)

Information

Severity

Severity

High

Family

Family

Debian Local Security Checks

CVSSv2 Base

CVSSv2 Base

7.5

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

11 years ago

Modified

Modified

5 years ago

Summary

The remote host is missing an update to libexif announced via advisory DSA 2559-1.

Insight

Insight

Several vulnerabilities were found in libexif, a library used to parse EXIF meta-data on camera files. CVE-2012-2812: A heap-based out-of-bounds array read in the exif_entry_get_value function allows remote attackers to cause a denial of service or possibly obtain potentially sensitive information from process memory via an image with crafted EXIF tags. CVE-2012-2813: A heap-based out-of-bounds array read in the exif_convert_utf16_to_utf8 function allows remote attackers to cause a denial of service or possibly obtain potentially sensitive information from process memory via an image with crafted EXIF tags. CVE-2012-2814: A buffer overflow in the exif_entry_format_value function allows remote attackers to cause a denial of service or possibly execute arbitrary code via an image with crafted EXIF tags. CVE-2012-2836: A heap-based out-of-bounds array read in the exif_data_load_data function allows remote attackers to cause a denial of service or possibly obtain potentially sensitive information from process memory via an image with crafted EXIF tags. CVE-2012-2837: A divide-by-zero error in the mnote_olympus_entry_get_value function while formatting EXIF maker note tags allows remote attackers to cause a denial of service via an image with crafted EXIF tags. CVE-2012-2840: An off-by-one error in the exif_convert_utf16_to_utf8 function allows remote attackers to cause a denial of service or possibly execute arbitrary code via an image with crafted EXIF tags. CVE-2012-2841: An integer underflow in the exif_entry_get_value function can cause a heap overflow and potentially arbitrary code execution while formatting an EXIF tag, if the function is called with a buffer size parameter equal to zero or one. For the stable distribution (squeeze), these problems have been fixed in version 0.6.19-1+squeeze1. For the testing distribution (wheezy), these problems have been fixed in version 0.6.20-3. For the unstable distribution (sid), these problems have been fixed in version 0.6.20-3.

Solution

Solution

We recommend that you upgrade your libexif packages.