Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2019.0249
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2019-0249)
Zusammenfassung:	The remote host is missing an update for the 'sigil' package(s) announced via the MGASA-2019-0249 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'sigil' package(s) announced via the MGASA-2019-0249 advisory. Vulnerability Insight: Updated sigil package fixes security vulnerability: Mike Salvatore discovered that Sigil mishandled certain malformed EPUB files. An attacker could use this vulnerability to write arbitrary files to the filesystem (CVE-2019-14452). Affected Software/OS: 'sigil' package(s) on Mageia 6, Mageia 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-14452 https://github.com/Sigil-Ebook/Sigil/commit/04e2f280cc4a0766bedcc7b9eb56449ceecc2ad4 https://github.com/Sigil-Ebook/Sigil/commit/0979ba8d10c96ebca330715bfd4494ea0e019a8f https://github.com/Sigil-Ebook/Sigil/commit/369eebe936e4a8c83cc54662a3412ce8bef189e4 https://github.com/Sigil-Ebook/Sigil/compare/ea7f27d...5b867e5 https://github.com/Sigil-Ebook/Sigil/releases/tag/0.9.16 https://github.com/Sigil-Ebook/flightcrew/issues/52#issuecomment-505967936 https://github.com/Sigil-Ebook/flightcrew/issues/52#issuecomment-505997355 https://salvatoresecurity.com/zip-slip-in-sigil-cve-2019-14452/ https://usn.ubuntu.com/4085-1/
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.