Mandrake Security Advisory MDKSA-2006:227 (kdegraphics)

ID de Prueba: 57706
Categoría: Mandrake Local Security Checks
Título: Mandrake Security Advisory MDKSA-2006:227 (kdegraphics)
Resumen: Mandrake Security Advisory MDKSA-2006:227 (kdegraphics)
Descripción:
The remote host is missing an update to kdegraphics
announced via advisory MDKSA-2006:227.

Stack overflow in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics3,
as used by konqueror, digikam, and other KDE image browsers, allows
remote attackers to cause a denial of service (stack consumption) via a
crafted EXIF section in a JPEG file, which results in an infinite
recursion.

The updated packages have been patched to correct this issue.

Affected: 2007.0, Corporate 3.0, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:227

Risk factor : High
Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-6297