[libexiv2] [CVE-2007-6353] possibility of arbitrary code execution
Bug #181714 reported by
disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
exiv2 (Debian) |
Fix Released
|
Unknown
|
|||
exiv2 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Dapper |
Won't Fix
|
Medium
|
Unassigned | ||
Feisty |
Fix Released
|
Medium
|
Kees Cook | ||
Gutsy |
Fix Released
|
Medium
|
Kees Cook |
Bug Description
Binary package hint: libexiv2-0
References:
SUSE-SR:2008:001
Quoting:
"Meder Kydyraliev of Google found out that specially crafted
files could trigger an integer overflow in the libexiv2 library,
potentially causing code execution (CVE-2007-6353)."
CVE References
Changed in exiv2: | |
status: | Unknown → Fix Released |
To post a comment you must log in.
Fixed in 0.16, hardy has 0.16-3ubuntu1