CVE-2012-2841

Published: July 13, 2012Last modified: November 10, 2023

Description

Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.

Status

Product	Release	Package	Status
Alpaquita Linux	Stream	libexif	Not affected (0.6.24-r2)

References

http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00015.html
http://rhn.redhat.com/errata/RHSA-2012-1255.html
http://secunia.com/advisories/49988
http://sourceforge.net/mailarchive/message.php?msg_id=29534027
http://www.debian.org/security/2012/dsa-2559
http://www.securityfocus.com/bid/54437
http://www.ubuntu.com/usn/USN-1513-1

How to Fix Liberica NIK Not Starting on macOS Catalina and Later

If you use macOS Catalina and later you may encounter the issue that prevents Liberica NIK from starting. To fix it, run the following:

sudo xattr -r -d com.apple.quarantine path/to/graalvm/folder/

If you need more help, check out the FAQ at the bottom of this page or contact us.