Download
| Alert*
|
oval:org.secpod.oval:def:602843
It was discovered that jhead, a tool to manipulate the non-image part of EXIF compliant JPEG files, is prone to an out-of-bounds access vulnerability, which may result in denial of service or, potentially, the execution of arbitrary code if an image with specially crafted EXIF data is processed. oval:org.secpod.oval:def:602844 jhead is installed oval:org.secpod.oval:def:114109 jhead is installed oval:org.secpod.oval:def:2000079 An integer underflow bug in the process_EXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecified other impact. oval:org.secpod.oval:def:114108 Jhead displays and manipulates the non-image portions of EXIF formatted JPEG images, such as the images produced by most digital cameras. oval:org.secpod.oval:def:114157 Jhead displays and manipulates the non-image portions of EXIF formatted JPEG images, such as the images produced by most digital cameras. oval:org.secpod.oval:def:3301241 SUSE Security Update: Security update for jhead oval:org.secpod.oval:def:93899 jhead: Manipulate the non-image part of Exif compliant JPEG files Several security issues were fixed in Jhead. oval:org.secpod.oval:def:117546 Jhead displays and manipulates the non-image portions of EXIF formatted JPEG images, such as the images produced by most digital cameras. oval:org.secpod.oval:def:117542 Jhead displays and manipulates the non-image portions of EXIF formatted JPEG images, such as the images produced by most digital cameras. oval:org.secpod.oval:def:708484 jhead: Manipulate the non-image part of Exif compliant JPEG files Jhead could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:95042 jhead: Manipulate the non-image part of Exif compliant JPEG files Jhead could be made to crash if it opened a specially crafted file. oval:org.secpod.oval:def:610293 Jhead, a tool for manipulating EXIF data embedded in JPEG images, allowed attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50, -autorot or -ce option. In addition a buffer overflow error in exif.c has been addressed which could lead to ... oval:org.secpod.oval:def:3300100 SUSE Security Update: Security update for jhead oval:org.secpod.oval:def:3301201 SUSE Security Update: Security update for jhead oval:org.secpod.oval:def:88438 Jhead, a tool for manipulating EXIF data embedded in JPEG images, allowed attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50, -autorot or -ce option. In addition a buffer overflow error in exif.c has been addressed which could lead to ... oval:org.secpod.oval:def:3302046 Security update for jhead |
