Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.703808
Kategorie:Debian Local Security Checks
Titel:Debian Security Advisory DSA 3808-1 (imagemagick - security update)
Zusammenfassung:This update fixes several vulnerabilities in imagemagick: Various memory;handling problems and cases of missing or incomplete input sanitising;may result in denial of service or the execution of arbitrary code if;malformed TGA, Sun or PSD files are processed.;;This update also fixes visual artefacts when running -sharpen on CMYK;images (no security impact, but piggybacked on top of the security;update with approval of the Debian stable release managers since it's;a regression in jessie compared to wheezy).
Beschreibung:Summary:
This update fixes several vulnerabilities in imagemagick: Various memory
handling problems and cases of missing or incomplete input sanitising
may result in denial of service or the execution of arbitrary code if
malformed TGA, Sun or PSD files are processed.

This update also fixes visual artefacts when running -sharpen on CMYK
images (no security impact, but piggybacked on top of the security
update with approval of the Debian stable release managers since it's
a regression in jessie compared to wheezy).

Affected Software/OS:
imagemagick on Debian Linux

Solution:
For the stable distribution (jessie), these problems have been fixed in
version 8:6.8.9.9-5+deb8u8.

For the upcoming stable distribution (stretch), these problems have been
fixed in version 8:6.9.7.4+dfsg-2.

For the unstable distribution (sid), these problems have been fixed in
version 8:6.9.7.4+dfsg-2.

We recommend that you upgrade your imagemagick packages.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-6498
BugTraq ID: 96591
http://www.securityfocus.com/bid/96591
Debian Security Information: DSA-3808 (Google Search)
http://www.debian.org/security/2017/dsa-3808
Common Vulnerability Exposure (CVE) ID: CVE-2017-6499
BugTraq ID: 96590
http://www.securityfocus.com/bid/96590
Common Vulnerability Exposure (CVE) ID: CVE-2017-6500
BugTraq ID: 96592
http://www.securityfocus.com/bid/96592
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.