FreeBSD : libexif -- buffer overflow vulnerability (624fe633-9006-11d9-a22c-0001020eed82)

low Nessus Plugin ID 18957

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Sylvain Defresne reports that libexif is vulnerable to a buffer overflow vulnerability due to insufficient input checking. This could lead crash of applications using libexif.

Solution

Update the affected package.

See Also

https://bugs.launchpad.net/ubuntu/+source/libexif/+bug/13499

http://www.nessus.org/u?2bea5802

Plugin Details

Severity: Low

ID: 18957

File Name: freebsd_pkg_624fe633900611d9a22c0001020eed82.nasl

Version: 1.17

Type: local

Published: 7/13/2005

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Low

Base Score: 2.6

Temporal Score: 1.9

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:libexif, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 3/8/2005

Vulnerability Publication Date: 3/3/2005

Reference Information

CVE: CVE-2005-0664

BID: 12744