Summary
The remote host is missing an update to jhead
announced via advisory FEDORA-2009-1824.
Solution
Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update jhead' at the command line.
For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1824
Insight
Update Information:
* fixes CVE-2008-4640 jhead: arbitrary file deletion (#468056) * fixes CVE-2008-4641 jhead: command exection caused by incorrect handling of the shell escapes (#468057)
ChangeLog:
* Mon Feb 16 2009 Adrian Reber - 2.86-1
- updated to 2.86
- fixes CVE-2008-4640 jhead: arbitrary file deletion (#468056) - fixes CVE-2008-4641 jhead: command exection caused by incorrect handling of the shell escapes (#468057)
- fixes build ignores optflags (#485697)
References
Severity
Classification
-
CVE CVE-2008-4640, CVE-2008-4641 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities