SB2012072529 - Integer underflow in libexif (Alpine package)
Published: July 25, 2012
Security Bulletin ID
SB2012072529
Severity
High
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Integer underflow (CVE-ID: CVE-2012-2841)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library. A remote attacker can create a specially crafted file and execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=5dea23e076ed7123339473f529d74d8a9362e7c6
- https://git.alpinelinux.org/aports/commit/?id=726529dabef044127d02831c4b26fa6c6fc9d5f5
- https://git.alpinelinux.org/aports/commit/?id=7d1a8137daa5c1f5312ad957dc1857027b8999df
- https://git.alpinelinux.org/aports/commit/?id=9959b863135bbaa1251dbddfa038c9256e155702
- https://git.alpinelinux.org/aports/commit/?id=cc9c8ab403cd5dfa204be58c326dd98d0702d70c
- https://git.alpinelinux.org/aports/commit/?id=06c00380098485f50412c75cbffb75a9764ea549
- https://git.alpinelinux.org/aports/commit/?id=0945eb55f2b2645eda75587579421dcbb93d7006
- https://git.alpinelinux.org/aports/commit/?id=b8e5bb1c9488b158a055c14fb1b78e087cc14e85