Ubuntu Update for exiv2 vulnerabilities USN-655-1

Summary
Ubuntu Update for Linux kernel vulnerabilities USN-655-1
Solution
Please Install the Updated Packages.
Insight
Meder Kydyraliev discovered that exiv2 did not correctly handle certain EXIF headers. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service, or possibly executing arbitrary code with user privileges. (CVE-2007-6353) Joakim Bildrulle discovered that exiv2 did not correctly handle Nikon lens EXIF information. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service. (CVE-2008-2696)
Affected
exiv2 vulnerabilities on Ubuntu 7.04 , Ubuntu 7.10 , Ubuntu 8.04 LTS
References