Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2023.0083
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2023-0083)
Zusammenfassung:	The remote host is missing an update for the 'dcmtk' package(s) announced via the MGASA-2023-0083 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'dcmtk' package(s) announced via the MGASA-2023-0083 advisory. Vulnerability Insight: Gjoko Krstic discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2015-8979) Omar Ganiev discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2019-1010228) Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-41687, CVE-2021-41688, CVE-2021-41689, and CVE-2021-41690) Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled certain inputs. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-2119 and CVE-2022-2120) Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-2121) It was discovered that DCMTK incorrectly handled certain inputs. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-43272) Affected Software/OS: 'dcmtk' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2021-41687 https://github.com/DCMTK/dcmtk https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb Common Vulnerability Exposure (CVE) ID: CVE-2021-41688 Common Vulnerability Exposure (CVE) ID: CVE-2021-41689 https://github.com/DCMTK/dcmtk/commit/5c14bf53fb42ceca12bbcc0016e8704b1580920d Common Vulnerability Exposure (CVE) ID: CVE-2021-41690 Common Vulnerability Exposure (CVE) ID: CVE-2022-2119 https://www.cisa.gov/uscert/ics/advisories/icsma-22-174-01 Common Vulnerability Exposure (CVE) ID: CVE-2022-2120 Common Vulnerability Exposure (CVE) ID: CVE-2022-2121 Common Vulnerability Exposure (CVE) ID: CVE-2022-43272 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UMQ2USESKF6OAZAH64OFHNK2HJIJVGPP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HROBSUUV2LZCYUNODI2YM7G7AYYO75B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3QG7MSHORLYAHDXMYG6FQKU4GOCRBCR/ https://github.com/songxpu/bug_report/tree/master/DCMTK/memory_leak_in_3.6.7 https://www.wolai.com/vaVuMxU4gGqFakbzvc9NYw
Copyright	Copyright (C) 2023 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.