oval:org.mitre.oval:def:7793

Definition Id: oval:org.mitre.oval:def:7793
 
Oval ID: oval:org.mitre.oval:def:7793
Title: DSA-1533 exiftags -- insufficient input sanitising
Description: Christian Schmid and Meder Kydyraliev (Google Security) discovered a number of vulnerabilities in exiftags, a utility for extracting EXIF metadata from JPEG images. The Common Vulnerabilities and Exposures project identified the following three problems: Inadequate EXIF property validation could lead to invalid memory accesses if executed on a maliciously crafted image, potentially including heap corruption and the execution of arbitrary code. Flawed data validation could lead to integer overflows, causing other invalid memory accesses, also with the potential for memory corruption or arbitrary code execution. Cyclical EXIF image file directory (IFD) references could cause a denial of service (infinite loop).
Family: unix Class: patch
Reference(s): DSA-1533
CVE-2007-6354
CVE-2007-6355
CVE-2007-6356
 Version: 3
Platform(s): Debian GNU/Linux 4.0
Debian GNU/Linux 3.1
 Product(s): exiftags
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6461
 
Oval ID: oval:org.mitre.oval:def:6461
Title: Debian GNU/Linux 4.0 is installed.
Description: Debian GNU/Linux 4.0 (etch) is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/linux:4.0
 Version: 9
Platform(s): Debian GNU/Linux 4.0
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7793
Definition Id: oval:org.mitre.oval:def:7692
 
Oval ID: oval:org.mitre.oval:def:7692
Title: Debian GNU/Linux 3.1 is installed
Description: Debian GNU/Linux 3.1 (sarge) is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/linux:3.1
 Version: 7
Platform(s): Debian GNU/Linux 3.1
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:7793