Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.882532
Kategorie:CentOS Local Security Checks
Titel:CentOS Update for libtiff CESA-2016:1546 centos7
Zusammenfassung:Check the version of libtiff
Beschreibung:Summary:
Check the version of libtiff

Vulnerability Insight:
The libtiff packages contain a library of
functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

* Multiple flaws have been discovered in libtiff. A remote attacker could
exploit these flaws to cause a crash or memory corruption and, possibly,
execute arbitrary code by tricking an application linked against libtiff
into processing specially crafted files. (CVE-2014-9655, CVE-2015-1547,
CVE-2015-8784, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, CVE-2015-8782,
CVE-2015-8783, CVE-2016-3990, CVE-2016-5320)

* Multiple flaws have been discovered in various libtiff tools (bmp2tiff,
pal2rgb, thumbnail, tiff2bw, tiff2pdf, tiffcrop, tiffdither, tiffsplit,
tiff2rgba). By tricking a user into processing a specially crafted file, a
remote attacker could exploit these flaws to cause a crash or memory
corruption and, possibly, execute arbitrary code with the privileges of the
user running the libtiff tool. (CVE-2014-8127, CVE-2014-8129,
CVE-2014-8130, CVE-2014-9330, CVE-2015-7554, CVE-2015-8668, CVE-2016-3632,
CVE-2016-3945, CVE-2016-3991)

Affected Software/OS:
libtiff on CentOS 7

Solution:
Please Install the Updated Packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-8127
BugTraq ID: 72323
http://www.securityfocus.com/bid/72323
Debian Security Information: DSA-3273 (Google Search)
http://www.debian.org/security/2015/dsa-3273
https://security.gentoo.org/glsa/201701-16
http://www.conostix.com/pub/adv/CVE-2014-8127-LibTIFF-Out-of-bounds_Reads.txt
http://www.openwall.com/lists/oss-security/2015/01/24/15
RedHat Security Advisories: RHSA-2016:1546
http://rhn.redhat.com/errata/RHSA-2016-1546.html
RedHat Security Advisories: RHSA-2016:1547
http://rhn.redhat.com/errata/RHSA-2016-1547.html
http://www.securitytracker.com/id/1032760
SuSE Security Announcement: openSUSE-SU-2015:0450 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-03/msg00022.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-8129
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
BugTraq ID: 72352
http://www.securityfocus.com/bid/72352
https://www.debian.org/security/2015/dsa-3273
http://bugzilla.maptools.org/show_bug.cgi?id=2487
http://bugzilla.maptools.org/show_bug.cgi?id=2488
http://www.conostix.com/pub/adv/CVE-2014-8129-LibTIFF-Out-of-bounds_Reads_and_Writes.txt
http://openwall.com/lists/oss-security/2015/01/24/15
Common Vulnerability Exposure (CVE) ID: CVE-2014-8130
BugTraq ID: 72353
http://www.securityfocus.com/bid/72353
http://www.conostix.com/pub/adv/CVE-2014-8130-LibTIFF-Division_By_Zero.txt
Common Vulnerability Exposure (CVE) ID: CVE-2014-9330
BugTraq ID: 71789
http://www.securityfocus.com/bid/71789
http://seclists.org/fulldisclosure/2014/Dec/97
http://www.securitytracker.com/id/1031442
Common Vulnerability Exposure (CVE) ID: CVE-2014-9655
Debian Security Information: DSA-3467 (Google Search)
http://www.debian.org/security/2016/dsa-3467
http://openwall.com/lists/oss-security/2015/02/07/5
Common Vulnerability Exposure (CVE) ID: CVE-2015-1547
BugTraq ID: 73438
http://www.securityfocus.com/bid/73438
http://openwall.com/lists/oss-security/2015/01/24/16
Common Vulnerability Exposure (CVE) ID: CVE-2015-7554
BugTraq ID: 79699
http://www.securityfocus.com/bid/79699
Bugtraq: 20151226 libtiff: invalid write (CVE-2015-7554) (Google Search)
http://www.securityfocus.com/archive/1/537205/100/0/threaded
http://seclists.org/fulldisclosure/2015/Dec/119
http://packetstormsecurity.com/files/135078/libtiff-4.0.6-Invalid-Write.html
http://www.openwall.com/lists/oss-security/2015/12/26/7
SuSE Security Announcement: openSUSE-SU-2016:0212 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00078.html
SuSE Security Announcement: openSUSE-SU-2016:0215 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00081.html
SuSE Security Announcement: openSUSE-SU-2016:0252 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00100.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8665
BugTraq ID: 79728
http://www.securityfocus.com/bid/79728
http://www.openwall.com/lists/oss-security/2015/12/24/2
http://www.openwall.com/lists/oss-security/2015/12/24/4
http://www.securitytracker.com/id/1035508
http://www.ubuntu.com/usn/USN-2939-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-8668
Bugtraq: 20151228 libtiff bmp file Heap Overflow (CVE-2015-8668) (Google Search)
http://www.securityfocus.com/archive/1/537208/100/0/threaded
http://packetstormsecurity.com/files/135080/libtiff-4.0.6-Heap-Overflow.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8683
BugTraq ID: 79718
http://www.securityfocus.com/bid/79718
http://www.openwall.com/lists/oss-security/2015/12/25/1
http://www.openwall.com/lists/oss-security/2015/12/26/1
Common Vulnerability Exposure (CVE) ID: CVE-2015-8781
BugTraq ID: 81730
http://www.securityfocus.com/bid/81730
http://www.openwall.com/lists/oss-security/2016/01/24/3
http://www.openwall.com/lists/oss-security/2016/01/24/7
SuSE Security Announcement: openSUSE-SU-2016:0405 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html
SuSE Security Announcement: openSUSE-SU-2016:0414 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8782
Common Vulnerability Exposure (CVE) ID: CVE-2015-8783
Common Vulnerability Exposure (CVE) ID: CVE-2015-8784
BugTraq ID: 81696
http://www.securityfocus.com/bid/81696
http://www.openwall.com/lists/oss-security/2016/01/24/4
http://www.openwall.com/lists/oss-security/2016/01/24/8
Common Vulnerability Exposure (CVE) ID: CVE-2016-3632
BugTraq ID: 85953
http://www.securityfocus.com/bid/85953
BugTraq ID: 85960
http://www.securityfocus.com/bid/85960
http://www.openwall.com/lists/oss-security/2016/04/08/9
Common Vulnerability Exposure (CVE) ID: CVE-2016-3945
Debian Security Information: DSA-3762 (Google Search)
http://www.debian.org/security/2017/dsa-3762
http://www.openwall.com/lists/oss-security/2016/04/08/6
SuSE Security Announcement: openSUSE-SU-2016:2275 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-09/msg00039.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-3990
BugTraq ID: 86000
http://www.securityfocus.com/bid/86000
http://www.openwall.com/lists/oss-security/2016/04/12/2
Common Vulnerability Exposure (CVE) ID: CVE-2016-3991
BugTraq ID: 85996
http://www.securityfocus.com/bid/85996
http://www.openwall.com/lists/oss-security/2016/04/12/3
Common Vulnerability Exposure (CVE) ID: CVE-2016-5320
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.