ID de Prueba:	1.3.6.1.4.1.25623.1.0.71538
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: ImageMagick
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: ImageMagick CVE-2012-0259 The GetEXIFProperty function in magick/property.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (crash) via a zero value in the component count of an EXIF XResolution tag in a JPEG file, which triggers an out-of-bounds read. CVE-2012-0260 The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers. CVE-2012-1798 The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0259 BugTraq ID: 52898 http://www.securityfocus.com/bid/52898 Debian Security Information: DSA-2462 (Google Search) http://www.debian.org/security/2012/dsa-2462 http://www.cert.fi/en/reports/2012/vulnerability635606.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0259 http://www.osvdb.org/81021 RedHat Security Advisories: RHSA-2012:0544 http://rhn.redhat.com/errata/RHSA-2012-0544.html http://www.securitytracker.com/id?1027032 http://secunia.com/advisories/48679 http://secunia.com/advisories/48974 http://secunia.com/advisories/49043 http://secunia.com/advisories/49063 http://secunia.com/advisories/49317 http://secunia.com/advisories/55035 SuSE Security Announcement: openSUSE-SU-2012:0692 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html http://ubuntu.com/usn/usn-1435-1 XForce ISS Database: imagemagick-jpegexif-dos(74657) https://exchange.xforce.ibmcloud.com/vulnerabilities/74657 Common Vulnerability Exposure (CVE) ID: CVE-2012-0260 http://www.osvdb.org/81022 RedHat Security Advisories: RHSA-2012:0545 http://rhn.redhat.com/errata/RHSA-2012-0545.html http://secunia.com/advisories/49068 http://secunia.com/advisories/57224 http://www.ubuntu.com/usn/USN-2132-1 XForce ISS Database: imagemagick-jpegwarninghandler-dos(74658) https://exchange.xforce.ibmcloud.com/vulnerabilities/74658 Common Vulnerability Exposure (CVE) ID: CVE-2012-1798 http://www.osvdb.org/81023 XForce ISS Database: imagemagick-tiffexififd-dos(74659) https://exchange.xforce.ibmcloud.com/vulnerabilities/74659
Copyright	Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.