JHead: Multiple vulnerabilities — GLSA 200901-02

Multiple vulnerabilities in JHead might lead to the execution of arbitrary code or data loss.

Affected packages

media-gfx/jhead on all architectures
Affected versions < 2.84-r1
Unaffected versions >= 2.84-r1

Background

JHead is an exif jpeg header manipulation tool.

Description

Marc Merlin and John Dong reported multiple vulnerabilities in JHead:

  • A buffer overflow in the DoCommand() function when processing the cmd argument and related to potential string overflows (CVE-2008-4575).
  • An insecure creation of a temporary file (CVE-2008-4639).
  • A error when unlinking a file (CVE-2008-4640).
  • Insufficient escaping of shell metacharacters (CVE-2008-4641).

Impact

A remote attacker could possibly execute arbitrary code by enticing a user or automated system to open a file with a long filename or via unspecified vectors. It is also possible to trick a user into deleting or overwriting files.

Workaround

There is no known workaround at this time.

Resolution

All JHead users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-gfx/jhead-2.84-r1"

References

Release date
January 11, 2009

Latest revision
January 11, 2009: 01

Severity
normal

Exploitable
remote

Bugzilla entries