Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2015-0388)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.130005

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2015-0388)

Resumen: The remote host is missing an update for the 'gdk-pixbuf2.0' package(s) announced via the MGASA-2015-0388 advisory.

Descripción: Summary:
The remote host is missing an update for the 'gdk-pixbuf2.0' package(s) announced via the MGASA-2015-0388 advisory.

Vulnerability Insight:
Updated gdk-pixbuf packages fix security vulnerabilities:

Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf
before 2.32.0. This issue is triggered by the scaling of a malformed tga
format image and results in a potentially exploitable crash (CVE-2015-7673).

Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf
before 2.32.1. This issue is triggered by the scaling of a malformed gif
format image (CVE-2015-7674).

Affected Software/OS:
'gdk-pixbuf2.0' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-7673
BugTraq ID: 76953
http://www.securityfocus.com/bid/76953
Debian Security Information: DSA-3378 (Google Search)
http://www.debian.org/security/2015/dsa-3378
https://security.gentoo.org/glsa/201512-05
http://www.openwall.com/lists/oss-security/2015/10/01/3
http://www.openwall.com/lists/oss-security/2015/10/02/9
SuSE Security Announcement: openSUSE-SU-2016:0897 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-03/msg00124.html
SuSE Security Announcement: openSUSE-SU-2016:1467 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-06/msg00006.html
http://www.ubuntu.com/usn/USN-2767-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7674
BugTraq ID: 76955
http://www.securityfocus.com/bid/76955
http://www.openwall.com/lists/oss-security/2015/10/01/4
http://www.openwall.com/lists/oss-security/2015/10/01/7
http://www.openwall.com/lists/oss-security/2015/10/02/10
http://www.openwall.com/lists/oss-security/2015/10/05/7

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.130005
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2015-0388)
Resumen:	The remote host is missing an update for the 'gdk-pixbuf2.0' package(s) announced via the MGASA-2015-0388 advisory.
Descripción:	Summary: The remote host is missing an update for the 'gdk-pixbuf2.0' package(s) announced via the MGASA-2015-0388 advisory. Vulnerability Insight: Updated gdk-pixbuf packages fix security vulnerabilities: Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf before 2.32.0. This issue is triggered by the scaling of a malformed tga format image and results in a potentially exploitable crash (CVE-2015-7673). Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf before 2.32.1. This issue is triggered by the scaling of a malformed gif format image (CVE-2015-7674). Affected Software/OS: 'gdk-pixbuf2.0' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-7673 BugTraq ID: 76953 http://www.securityfocus.com/bid/76953 Debian Security Information: DSA-3378 (Google Search) http://www.debian.org/security/2015/dsa-3378 https://security.gentoo.org/glsa/201512-05 http://www.openwall.com/lists/oss-security/2015/10/01/3 http://www.openwall.com/lists/oss-security/2015/10/02/9 SuSE Security Announcement: openSUSE-SU-2016:0897 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-03/msg00124.html SuSE Security Announcement: openSUSE-SU-2016:1467 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-06/msg00006.html http://www.ubuntu.com/usn/USN-2767-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-7674 BugTraq ID: 76955 http://www.securityfocus.com/bid/76955 http://www.openwall.com/lists/oss-security/2015/10/01/4 http://www.openwall.com/lists/oss-security/2015/10/01/7 http://www.openwall.com/lists/oss-security/2015/10/02/10 http://www.openwall.com/lists/oss-security/2015/10/05/7
Copyright	Copyright (C) 2015 Greenbone AG