ID de Prueba:	1.3.6.1.4.1.25623.1.0.60029
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:1166
Resumen:	Redhat Security Advisory RHSA-2007:1166
Descripción:	The remote host is missing updates announced in advisory RHSA-2007:1166. The libexif packages contain the Exif library. Exif is an image file format specification that enables metadata tags to be added to existing JPEG, TIFF and RIFF files. The Exif library makes it possible to parse an Exif file and read this metadata. An integer overflow flaw was found in the way libexif parses Exif image tags. If a victim opens a carefully crafted Exif image file, it could cause the application linked against libexif to execute arbitrary code, or crash. (CVE-2007-6352) Users of libexif are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-1166.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-6352 Bugtraq: 20080105 rPSA-2008-0006-1 libexif (Google Search) http://www.securityfocus.com/archive/1/archive/1/485822/100/0/threaded https://bugzilla.redhat.com/show_bug.cgi?id=425561 Debian Security Information: DSA-1487 (Google Search) http://www.debian.org/security/2008/dsa-1487 https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00597.html https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00626.html http://security.gentoo.org/glsa/glsa-200712-15.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:005 http://www.redhat.com/support/errata/RHSA-2007-1165.html http://www.redhat.com/support/errata/RHSA-2007-1166.html http://sunsolve.sun.com/search/document.do?assetkey=1-26-234701-1 SuSE Security Announcement: SUSE-SR:2008:002 (Google Search) http://www.novell.com/linux/security/advisories/suse_security_summary_report.html http://www.ubuntu.com/usn/usn-654-1 BugTraq ID: 26942 http://www.securityfocus.com/bid/26942 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11029 http://www.vupen.com/english/advisories/2007/4278 http://www.vupen.com/english/advisories/2008/0947/references http://osvdb.org/42653 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4814 http://www.securitytracker.com/id?1019124 http://secunia.com/advisories/28076 http://secunia.com/advisories/28127 http://secunia.com/advisories/28195 http://secunia.com/advisories/28266 http://secunia.com/advisories/28346 http://secunia.com/advisories/28400 http://secunia.com/advisories/28636 http://secunia.com/advisories/28776 http://secunia.com/advisories/29381 http://secunia.com/advisories/32274 XForce ISS Database: libexif-exifdataloaddatathumbnail-bo(39167) http://xforce.iss.net/xforce/xfdb/39167
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario Email: Usuario: Contraseña: Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas. Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.     Privacidad

Ingreso de Usuario Registrado   Usuario:     Contraseña:     ¿Olvidó su usuario o contraseña?? Email/ID de Usario: