Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2018-0016)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2018.0016
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2018-0016)
Zusammenfassung:	The remote host is missing an update for the 'gdk-pixbuf2.0' package(s) announced via the MGASA-2018-0016 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'gdk-pixbuf2.0' package(s) announced via the MGASA-2018-0016 advisory. Vulnerability Insight: JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability (CVE-2017-2862). tiff_image_parse Code Execution Vulnerability (CVE-2017-2870). Ariel Zelivansky discovered that the GDK-PixBuf library did not properly handle printing certain error messages. If an user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service (CVE-2017-6311). Out-of-bounds read on io-ico.c (CVE-2017-6312). A dangerous integer underflow in io-icns.c (CVE-2017-6313). Infinite loop in io-tiff.c (CVE-2017-6314). Note, the CVE-2017-2862, CVE-2017-2870, and CVE-2017-6311 issues only affected Mageia 5. Affected Software/OS: 'gdk-pixbuf2.0' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-2862 BugTraq ID: 100541 http://www.securityfocus.com/bid/100541 Debian Security Information: DSA-3978 (Google Search) http://www.debian.org/security/2017/dsa-3978 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0366 Common Vulnerability Exposure (CVE) ID: CVE-2017-2870 https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0377 https://lists.debian.org/debian-lts-announce/2019/12/msg00025.html Common Vulnerability Exposure (CVE) ID: CVE-2017-6311 BugTraq ID: 96779 http://www.securityfocus.com/bid/96779 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJF5ARFOX4BFUK6YCBKGAKBQYECO3AI2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSAZ6UCKKXC5VOWXGWQHOX2ZBLLATIOT/ https://security.gentoo.org/glsa/201709-08 http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html https://bugzilla.gnome.org/show_bug.cgi?id=778204 http://www.openwall.com/lists/oss-security/2017/02/21/4 http://www.openwall.com/lists/oss-security/2017/02/26/1 Common Vulnerability Exposure (CVE) ID: CVE-2017-6312 https://bugzilla.gnome.org/show_bug.cgi?id=779012 Common Vulnerability Exposure (CVE) ID: CVE-2017-6313 https://bugzilla.gnome.org/show_bug.cgi?id=779016 Common Vulnerability Exposure (CVE) ID: CVE-2017-6314 https://bugzilla.gnome.org/show_bug.cgi?id=779020
Copyright	Copyright (C) 2022 Greenbone AG