Debian Linux Security Advisory 5294-1 - Jhead, a tool for manipulating EXIF data embedded in JPEG images, allowed attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50, -autorot or -ce option. In addition a buffer overflow error in exif.c has been addressed which could lead to a denial of service (application crash).
846f31c24b7c73dc8673424e239ce05d73318c5abb0c7df57d7fab49c26db4b7