Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2018.0051
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2018-0051)
Zusammenfassung:	The remote host is missing an update for the 'libexif' package(s) announced via the MGASA-2018-0051 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libexif' package(s) announced via the MGASA-2018-0051 advisory. Vulnerability Insight: A vulnerability was found in libexif. The vulnerability is caused by an integer overflow. In some cases, the integer overflow can cause Heap Out-of-Bounds Read, i.e. Heap Buffer Overflow vulnerability. In some other cases, the integer overflow can cause use of uninitialized pointer variable, i.e. Use of Uninitialized Variable Vulnerability. The vulnerability happens when parsing MNOTE entry data of the input file. The vulnerability can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data) (CVE-2016-6328). Affected Software/OS: 'libexif' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6328 GLSA-202007-05 https://security.gentoo.org/glsa/202007-05 USN-4277-1 https://usn.ubuntu.com/4277-1/ [debian-lts-announce] 20200518 [SECURITY] [DLA 2214-1] libexif security update https://lists.debian.org/debian-lts-announce/2020/05/msg00016.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-6328 openSUSE-SU-2020:0793 http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.