=========================================================== Ubuntu Security Notice USN-91-1 March 07, 2005 libexif vulnerabilities https://bugzilla.ubuntulinux.org/7152 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: libexif10 The problem can be corrected by upgrading the affected package to version 0.6.9-1ubuntu0.1. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Sylvain Defresne discovered that the EXIF library did not properly validate the structure of the EXIF tags. By tricking a user to load an image with a malicious EXIF tag, an attacker could exploit this to crash the process using the library, or even execute arbitrary code with the privileges of the process.