 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2017.0124 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2017-0124) |
| Zusammenfassung: | The remote host is missing an update for the 'freetype2' package(s) announced via the MGASA-2017-0124 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'freetype2' package(s) announced via the MGASA-2017-0124 advisory. Vulnerability Insight: It was discovered that a heap-based buffer overflow existed in the FreeType library. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2016-10328). FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c (CVE-2017-8105). FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c (CVE-2017-8287). Affected Software/OS: 'freetype2' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-10328 BugTraq ID: 97677 http://www.securityfocus.com/bid/97677 https://security.gentoo.org/glsa/201706-14 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8 http://savannah.nongnu.org/bugs/?func=detailitem&item_id=49858 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289 https://www.oracle.com/security-alerts/cpuapr2020.html Common Vulnerability Exposure (CVE) ID: CVE-2017-8105 BugTraq ID: 99093 http://www.securityfocus.com/bid/99093 Debian Security Information: DSA-3839 (Google Search) http://www.debian.org/security/2017/dsa-3839 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935 https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Common Vulnerability Exposure (CVE) ID: CVE-2017-8287 BugTraq ID: 99091 http://www.securityfocus.com/bid/99091 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |