
Test ID: 1.3.6.1.4.1.25623.1.1.10.2017.0481
Category: Mageia Linux Local Security Checks
Title: Mageia: Security Advisory (MGASA-2017-0481)
Summary: The remote host is missing an update for the 'openjpeg2' package(s) announced via the MGASA-2017-0481 advisory.
Description:
Summary:
The remote host is missing an update for the 'openjpeg2' package(s) announced via the MGASA-2017-0481 advisory.

Vulnerability Insight:
A heap-based buffer overflow was discovered in the opj_t2_encode_packet
function. The vulnerability caused an out-of-bounds write, which may have
led to remote denial of service or possibly unspecified other impact
(CVE-2017-14039).

An invalid write access was discovered in bin/jp2/convert.c, triggering a
crash in the tgatoimage function. The vulnerability may have led to
remote denial of service or possibly unspecified other impact
(CVE-2017-14040).

A stack-based buffer overflow was discovered in the pgxtoimage function.
The vulnerability caused an out-of-bounds write, which may have led to
remote denial of service or possibly remote code execution
(CVE-2017-14041).

A size-validation issue was discovered in opj_j2k_write_sot. The
vulnerability caused an out-of-bounds write, which may have led to remote
DoS or possibly remote code execution (CVE-2017-14164).

Affected Software/OS:
'openjpeg2' package(s) on Mageia 5, Mageia 6.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2017-14039
BugTraq ID: 100550
http://www.securityfocus.com/bid/100550
Debian Security Information: DSA-4013
http://www.debian.org/security/2017/dsa-4013
https://security.gentoo.org/glsa/201710-26
https://blogs.gentoo.org/ago/2017/08/28/openjpeg-heap-based-buffer-overflow-in-opj_t2_encode_packet-t2-c/
https://github.com/uclouvain/openjpeg/commit/c535531f03369623b9b833ef41952c62257b507e
https://github.com/uclouvain/openjpeg/issues/992
Common Vulnerability Exposure (CVE) ID: CVE-2017-14040
BugTraq ID: 100553
http://www.securityfocus.com/bid/100553
https://blogs.gentoo.org/ago/2017/08/28/openjpeg-invalid-memory-write-in-tgatoimage-convert-c/
https://github.com/uclouvain/openjpeg/commit/2cd30c2b06ce332dede81cccad8b334cde997281
https://github.com/uclouvain/openjpeg/issues/995
Common Vulnerability Exposure (CVE) ID: CVE-2017-14041
BugTraq ID: 100555
http://www.securityfocus.com/bid/100555
https://blogs.gentoo.org/ago/2017/08/28/openjpeg-stack-based-buffer-overflow-write-in-pgxtoimage-convert-c/
https://github.com/uclouvain/openjpeg/commit/e5285319229a5d77bf316bb0d3a6cbd3cb8666d9
https://github.com/uclouvain/openjpeg/issues/997
Common Vulnerability Exposure (CVE) ID: CVE-2017-14164
BugTraq ID: 100677
http://www.securityfocus.com/bid/100677
https://blogs.gentoo.org/ago/2017/09/06/heap-based-buffer-overflow-in-opj_write_bytes_le-cio-c-incomplete-fix-for-cve-2017-14152/
https://github.com/uclouvain/openjpeg/commit/dcac91b8c72f743bda7dbfa9032356bc8110098a
https://github.com/uclouvain/openjpeg/issues/991
Copyright: Copyright (C) 2022 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.