Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200409-12 (imagemagick imlib)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54669

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200409-12 (imagemagick imlib)

Resumen: The remote host is missing updates announced in;advisory GLSA 200409-12.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200409-12.

Vulnerability Insight:
ImageMagick, imlib and imlib2 contain exploitable buffer overflow
vulnerabilities in the BMP image processing code.

Solution:
All ImageMagick users should upgrade to the latest version:

# emerge sync

# emerge -pv '>=media-gfx/imagemagick-6.0.7.1'
# emerge '>=media-gfx/imagemagick-6.0.7.1'

All imlib users should upgrade to the latest version:

# emerge sync

# emerge -pv '>=media-libs/imlib-1.9.14-r2'
# emerge '>=media-libs/imlib-1.9.14-r2'

All imlib2 users should upgrade to the latest version:

# emerge sync

# emerge -pv '>=media-libs/imlib2-1.1.2'
# emerge '>=media-libs/imlib2-1.1.2'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0817
BugTraq ID: 11084
http://www.securityfocus.com/bid/11084
Conectiva Linux advisory: CLA-2004:870
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870
Debian Security Information: DSA-548 (Google Search)
http://www.debian.org/security/2004/dsa-548
http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:089
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843
http://www.redhat.com/support/errata/RHSA-2004-465.html
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1
XForce ISS Database: imlib-bmp-bo(17182)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17182
Common Vulnerability Exposure (CVE) ID: CVE-2004-0802
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089
http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup
XForce ISS Database: imlib2-bmp-bo(17183)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17183

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54669
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200409-12 (imagemagick imlib)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200409-12.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200409-12. Vulnerability Insight: ImageMagick, imlib and imlib2 contain exploitable buffer overflow vulnerabilities in the BMP image processing code. Solution: All ImageMagick users should upgrade to the latest version: # emerge sync # emerge -pv '>=media-gfx/imagemagick-6.0.7.1' # emerge '>=media-gfx/imagemagick-6.0.7.1' All imlib users should upgrade to the latest version: # emerge sync # emerge -pv '>=media-libs/imlib-1.9.14-r2' # emerge '>=media-libs/imlib-1.9.14-r2' All imlib2 users should upgrade to the latest version: # emerge sync # emerge -pv '>=media-libs/imlib2-1.1.2' # emerge '>=media-libs/imlib2-1.1.2' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0817 BugTraq ID: 11084 http://www.securityfocus.com/bid/11084 Conectiva Linux advisory: CLA-2004:870 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870 Debian Security Information: DSA-548 (Google Search) http://www.debian.org/security/2004/dsa-548 http://www.gentoo.org/security/en/glsa/glsa-200409-12.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:089 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8843 http://www.redhat.com/support/errata/RHSA-2004-465.html http://sunsolve.sun.com/search/document.do?assetkey=1-66-201611-1 XForce ISS Database: imlib-bmp-bo(17182) https://exchange.xforce.ibmcloud.com/vulnerabilities/17182 Common Vulnerability Exposure (CVE) ID: CVE-2004-0802 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:089 http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup XForce ISS Database: imlib2-bmp-bo(17183) https://exchange.xforce.ibmcloud.com/vulnerabilities/17183
Copyright	Copyright (C) 2008 E-Soft Inc.