DSA-5294 jhead - security update - Cyber Security News

Read Time:17 Second

Jhead, a tool for manipulating EXIF data embedded in JPEG images, allowed
attackers to execute arbitrary OS commands by placing them in a JPEG filename
and then using the regeneration -rgt50, -autorot or -ce option. In addition a
buffer overflow error in exif.c has been addressed which could lead to a denial
of service (application crash).

More Stories

USN-7454-1: libarchive vulnerabilities

It was discovered that the libarchive bsdunzip utility incorrectly handled certain ZIP archive files. If a user or automated system...

USN-7453-1: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7452-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7451-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7450-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7449-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...