 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.10.2017.0378 |
| Kategorie: | Mageia Linux Local Security Checks |
| Titel: | Mageia: Security Advisory (MGASA-2017-0378) |
| Zusammenfassung: | The remote host is missing an update for the 'poppler' package(s) announced via the MGASA-2017-0378 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'poppler' package(s) announced via the MGASA-2017-0378 advisory. Vulnerability Insight: In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document. (CVE-2017-14518) In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF files. (CVE-2017-14617) In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document. (CVE-2017-14926) In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document. (CVE-2017-14928) In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vulnerability than CVE-2017-14519. (CVE-2017-14929) The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack. (CVE-2017-14975) The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack. (CVE-2017-14977) Affected Software/OS: 'poppler' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-14518 Debian Security Information: DSA-4079 (Google Search) https://www.debian.org/security/2018/dsa-4079 Common Vulnerability Exposure (CVE) ID: CVE-2017-14617 Common Vulnerability Exposure (CVE) ID: CVE-2017-14926 https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html Common Vulnerability Exposure (CVE) ID: CVE-2017-14928 Common Vulnerability Exposure (CVE) ID: CVE-2017-14929 Debian Security Information: DSA-4097 (Google Search) https://www.debian.org/security/2018/dsa-4097 Common Vulnerability Exposure (CVE) ID: CVE-2017-14975 https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html Common Vulnerability Exposure (CVE) ID: CVE-2017-14977 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |