ID de Prueba:	1.3.6.1.4.1.25623.1.0.58553
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2007-164-01)
Resumen:	The remote host is missing an update for the 'libexif' package(s) announced via the SSA:2007-164-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libexif' package(s) announced via the SSA:2007-164-01 advisory. Vulnerability Insight: New libexif packages are available for Slackware 10.2, 11.0, and -current to fix a crash and potential security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [link moved to references] Here are the details from the Slackware 11.0 ChangeLog: +--------------------------+ l/libexif-0.6.16-i486-1_slack11.0.tgz: Upgraded to libexif-0.6.16. An integer overflow in libexif can crash applications that use the library on malformed images. The upstream advisory indicates that this flaw could also be used to execute arbitrary code in the context of the user, but no exploit is known (by us) to exist among iDefense's researchers or in the wild. But, as a crash bug and heap overflow one must suppose that the possibility exists. [link moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'libexif' package(s) on Slackware 10.2, Slackware 11.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4168
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.