#234701: A Security Vulnerability in Solaris 10 libexif May Allow Code Execution or a Denial of Service (DoS) Condition

A Security Vulnerability in Solaris 10 libexif May Allow Code Execution or a Denial of Service (DoS) Condition

Category :	Security
Release Phase :	Resolved
Bug Id :	6652301
Product :	Solaris 10 Operating System
Date of Resolved Release :	18-Mar-2008

A Security Vulnerability in Solaris 10 libexif (see below for details):

1. Impact

A security vulnerability in the libexif image processing library shipped with Solaris 10 may allow a remote unprivileged user who provides an image with a crafted EXIF tag to execute arbitrary code with the privileges of a local user who opens that image. Furthermore, a remote user may be able to cause a Denial of Service (DoS) to an application that reads a crafted EXIF image using the libexif library.

This issue may occur with applications linked against the libexif library including (but not limited to), the Eye of Gnome (eog(1)) application, which is distributed as part of the Java Desktop System.

Additional references:

CVE-2007-6352 at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6352

2. Contributing Factors

This issue can occur in the following releases:

SPARC Platform

Solaris 10 without patch 121095-02

x86 Platform

Solaris 10 without patch 121096-02

Note: Solaris 8 and Solaris 9 are not impacted by this issue.

3. Symptoms

There are no predictable symptoms that would indicate the described issue has been exploited.

4. Workaround

To avoid the described issue, do not load images from untrusted sources using applications which make use of the libexif library.

5. Resolution

This issue is addressed in the following releases:

SPARC Platform

Solaris 10 with patch 121095-02 or later

x86 Platform

Solaris 10 with patch 121096-02 or later

For more information on Security Sun Alerts, see Technical Instruction ID 213557 at:
http://sunsolve.sun.com/search/document.do?assetkey=1-61-213557-1

This Sun Alert notification is being provided to you on an "AS IS" basis. This Sun Alert notification may contain information provided by third parties. The issues described in this Sun Alert notification may or may not impact your system(s). Sun makes no representations, warranties, or guarantees as to the information contained herein. ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This Sun Alert notification contains Sun proprietary and confidential information. It is being provided to you pursuant to the provisions of your agreement to purchase services from Sun, or, if you do not have such an agreement, the Sun.com Terms of Use. This Sun Alert notification may only be used for the purposes contemplated by these agreements.

Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.

Attachments

This solution has no attachment

1. Impact

2. Contributing Factors

3. Symptoms

4. Workaround

5. Resolution

Login Required

Login Required