Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201209-02 (tiff)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72419
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201209-02 (tiff)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201209-02.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201209-02. Vulnerability Insight: Multiple vulnerabilities in libTIFF could result in execution of arbitrary code or Denial of Service. Solution: All libTIFF 4.0 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/tiff-4.0.2-r1' All libTIFF 3.9 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/tiff-3.9.5-r2' CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2347 BugTraq ID: 35652 http://www.securityfocus.com/bid/35652 Bugtraq: 20090713 [oCERT-2009-012] libtiff tools integer overflows (Google Search) http://www.securityfocus.com/archive/1/504892/100/0/threaded Debian Security Information: DSA-1835 (Google Search) http://www.debian.org/security/2009/dsa-1835 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00663.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00724.html http://security.gentoo.org/glsa/glsa-200908-03.xml http://security.gentoo.org/glsa/glsa-201209-02.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:150 http://www.mandriva.com/security/advisories?name=MDVSA-2011:043 http://www.ocert.org/advisories/ocert-2009-012.html http://osvdb.org/55821 http://osvdb.org/55822 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10988 http://www.redhat.com/support/errata/RHSA-2009-1159.html http://www.securitytracker.com/id?1022539 http://secunia.com/advisories/35811 http://secunia.com/advisories/35817 http://secunia.com/advisories/35866 http://secunia.com/advisories/35883 http://secunia.com/advisories/35911 http://secunia.com/advisories/36194 http://secunia.com/advisories/50726 http://www.ubuntu.com/usn/USN-801-1 http://www.vupen.com/english/advisories/2009/1870 http://www.vupen.com/english/advisories/2011/0621 XForce ISS Database: libtiff-rgb2ycbcr-tiff2rgba-bo(51688) https://exchange.xforce.ibmcloud.com/vulnerabilities/51688 Common Vulnerability Exposure (CVE) ID: CVE-2009-5022 1025380 http://securitytracker.com/id?1025380 44271 http://secunia.com/advisories/44271 47338 http://www.securityfocus.com/bid/47338 50726 ADV-2011-1014 http://www.vupen.com/english/advisories/2011/1014 ADV-2011-1082 http://www.vupen.com/english/advisories/2011/1082 DSA-2256 http://www.debian.org/security/2011/dsa-2256 FEDORA-2011-5304 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058478.html GLSA-201209-02 MDVSA-2011:078 http://www.mandriva.com/security/advisories?name=MDVSA-2011:078 RHSA-2011:0452 http://www.redhat.com/support/errata/RHSA-2011-0452.html USN-1120-1 http://www.ubuntu.com/usn/USN-1120-1 [oss-security] 20110412 libtiff CVE assignments http://openwall.com/lists/oss-security/2011/04/12/10 http://bugzilla.maptools.org/show_bug.cgi?id=1999 http://www.remotesensing.org/libtiff/v3.9.5.html https://bugzilla.redhat.com/show_bug.cgi?id=695885 libtiff-ojpeg-bo(66774) https://exchange.xforce.ibmcloud.com/vulnerabilities/66774 Common Vulnerability Exposure (CVE) ID: CVE-2010-1411 http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html BugTraq ID: 40823 http://www.securityfocus.com/bid/40823 http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043769.html http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043835.html http://marc.info/?l=oss-security&m=127731610612908&w=2 http://www.redhat.com/support/errata/RHSA-2010-0519.html http://www.redhat.com/support/errata/RHSA-2010-0520.html http://securitytracker.com/id?1024103 http://secunia.com/advisories/40181 http://secunia.com/advisories/40196 http://secunia.com/advisories/40220 http://secunia.com/advisories/40381 http://secunia.com/advisories/40478 http://secunia.com/advisories/40527 http://secunia.com/advisories/40536 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.596424 SuSE Security Announcement: SUSE-SR:2010:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://www.ubuntu.com/usn/USN-954-1 http://www.vupen.com/english/advisories/2010/1435 http://www.vupen.com/english/advisories/2010/1481 http://www.vupen.com/english/advisories/2010/1512 http://www.vupen.com/english/advisories/2010/1638 http://www.vupen.com/english/advisories/2010/1731 http://www.vupen.com/english/advisories/2010/1761 Common Vulnerability Exposure (CVE) ID: CVE-2010-2065 40181 40381 ADV-2010-1638 ADV-2011-0204 http://www.vupen.com/english/advisories/2011/0204 ADV-2011-0621 MDVSA-2011:043 SSA:2010-180-02 USN-954-1 [oss-security] 20100623 CVE requests: LibTIFF http://blogs.sun.com/security/entry/cve_2010_2065_cve_2010 http://www.remotesensing.org/libtiff/v3.9.3.html https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/589565 https://bugzilla.redhat.com/show_bug.cgi?id=601274 Common Vulnerability Exposure (CVE) ID: CVE-2010-2067 20100621 Multiple Vendor LibTIFF 3.9.2 Stack Buffer Overflow Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=874 40241 http://secunia.com/advisories/40241 65676 http://osvdb.org/65676 SUSE-SR:2010:014 http://bugzilla.maptools.org/show_bug.cgi?id=2212 http://www.remotesensing.org/libtiff/v3.9.4.html https://bugzilla.redhat.com/show_bug.cgi?id=599576 Common Vulnerability Exposure (CVE) ID: CVE-2010-2233 1024150 http://securitytracker.com/id?1024150 40422 http://secunia.com/advisories/40422 http://bugzilla.maptools.org/show_bug.cgi?id=2207 https://bugzilla.redhat.com/show_bug.cgi?id=583081 https://bugzilla.redhat.com/show_bug.cgi?id=607198 Common Vulnerability Exposure (CVE) ID: CVE-2010-2443 http://marc.info/?l=oss-security&m=127736307002102&w=2 http://marc.info/?l=oss-security&m=127781315415896&w=2 Common Vulnerability Exposure (CVE) ID: CVE-2010-2481 40527 ADV-2010-1761 RHSA-2010:0519 [oss-security] 20100624 Re: CVE requests: LibTIFF http://marc.info/?l=oss-security&m=127738540902757&w=2 [oss-security] 20100629 Re: CVE requests: LibTIFF [oss-security] 20100630 Re: CVE requests: LibTIFF http://www.openwall.com/lists/oss-security/2010/06/30/22 [oss-security] 20100701 Re: CVE requests: LibTIFF http://marc.info/?l=oss-security&m=127797353202873&w=2 http://bugzilla.maptools.org/show_bug.cgi?id=2210 Common Vulnerability Exposure (CVE) ID: CVE-2010-2482 DSA-2552 http://www.debian.org/security/2012/dsa-2552 http://bugzilla.maptools.org/show_bug.cgi?id=1996 https://bugs.launchpad.net/bugs/597246 https://bugzilla.redhat.com/show_bug.cgi?id=603024 https://bugzilla.redhat.com/show_bug.cgi?id=608010 Common Vulnerability Exposure (CVE) ID: CVE-2010-2483 http://bugzilla.maptools.org/show_bug.cgi?id=2216 https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/591605 https://bugzilla.redhat.com/show_bug.cgi?id=603081 Common Vulnerability Exposure (CVE) ID: CVE-2010-2595 Debian Security Information: DSA-2552 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2010-2596 Common Vulnerability Exposure (CVE) ID: CVE-2010-2597 Common Vulnerability Exposure (CVE) ID: CVE-2010-2630 Common Vulnerability Exposure (CVE) ID: CVE-2010-2631 Common Vulnerability Exposure (CVE) ID: CVE-2010-3087 SUSE-SR:2010:017 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://blackberry.com/btsc/KB27244 http://support.novell.com/security/cve/CVE-2010-3087.html https://bugzilla.novell.com/show_bug.cgi?id=624215 Common Vulnerability Exposure (CVE) ID: CVE-2010-4665 SUSE-SR:2011:009 http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html USN-1416-1 http://ubuntu.com/usn/usn-1416-1 http://bugzilla.maptools.org/show_bug.cgi?id=2218 https://bugzilla.redhat.com/show_bug.cgi?id=695887 Common Vulnerability Exposure (CVE) ID: CVE-2011-0192 http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html BugTraq ID: 46658 http://www.securityfocus.com/bid/46658 Debian Security Information: DSA-2210 (Google Search) http://www.debian.org/security/2011/dsa-2210 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html http://www.redhat.com/support/errata/RHSA-2011-0318.html http://www.securitytracker.com/id?1025153 http://secunia.com/advisories/43585 http://secunia.com/advisories/43593 http://secunia.com/advisories/43664 http://secunia.com/advisories/43934 http://secunia.com/advisories/44117 http://secunia.com/advisories/44135 http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820 SuSE Security Announcement: SUSE-SR:2011:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html SuSE Security Announcement: SUSE-SR:2011:009 (Google Search) http://www.vupen.com/english/advisories/2011/0551 http://www.vupen.com/english/advisories/2011/0599 http://www.vupen.com/english/advisories/2011/0845 http://www.vupen.com/english/advisories/2011/0905 http://www.vupen.com/english/advisories/2011/0930 http://www.vupen.com/english/advisories/2011/0960 Common Vulnerability Exposure (CVE) ID: CVE-2011-1167 1025257 http://www.securitytracker.com/id?1025257 20110321 ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability http://www.securityfocus.com/archive/1/517101/100/0/threaded 43900 http://secunia.com/advisories/43900 43934 43974 http://secunia.com/advisories/43974 44117 44135 46951 http://www.securityfocus.com/bid/46951 71256 http://www.osvdb.org/71256 8165 http://securityreason.com/securityalert/8165 ADV-2011-0795 http://www.vupen.com/english/advisories/2011/0795 ADV-2011-0845 ADV-2011-0859 http://www.vupen.com/english/advisories/2011/0859 ADV-2011-0860 http://www.vupen.com/english/advisories/2011/0860 ADV-2011-0905 ADV-2011-0930 ADV-2011-0960 APPLE-SA-2012-02-01-1 http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html APPLE-SA-2012-05-09-1 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html APPLE-SA-2012-09-19-1 http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html DSA-2210 FEDORA-2011-3827 FEDORA-2011-3836 MDVSA-2011:064 http://www.mandriva.com/security/advisories?name=MDVSA-2011:064 RHSA-2011:0392 http://www.redhat.com/support/errata/RHSA-2011-0392.html SSA:2011-098-01 USN-1102-1 http://ubuntu.com/usn/usn-1102-1 http://bugzilla.maptools.org/show_bug.cgi?id=2300 http://support.apple.com/kb/HT5130 http://support.apple.com/kb/HT5281 http://support.apple.com/kb/HT5503 http://www.zerodayinitiative.com/advisories/ZDI-11-107 https://bugzilla.redhat.com/show_bug.cgi?id=684939 libtiff-thundercode-decoder-bo(66247) https://exchange.xforce.ibmcloud.com/vulnerabilities/66247 Common Vulnerability Exposure (CVE) ID: CVE-2012-1173 1026895 http://www.securitytracker.com/id?1026895 48684 http://secunia.com/advisories/48684 48722 http://secunia.com/advisories/48722 48735 http://secunia.com/advisories/48735 48757 http://secunia.com/advisories/48757 48893 http://secunia.com/advisories/48893 52891 http://www.securityfocus.com/bid/52891 81025 http://www.osvdb.org/81025 APPLE-SA-2012-09-19-2 http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html DSA-2447 http://www.debian.org/security/2012/dsa-2447 FEDORA-2012-5406 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078403.html FEDORA-2012-5410 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078835.html FEDORA-2012-5463 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077463.html MDVSA-2012:054 http://www.mandriva.com/security/advisories?name=MDVSA-2012:054 RHSA-2012:0468 http://rhn.redhat.com/errata/RHSA-2012-0468.html http://bugzilla.maptools.org/attachment.cgi?id=477&action=diff http://bugzilla.maptools.org/show_bug.cgi?id=2369 http://home.gdal.org/private/zdi-can-1221/zdi-can-1221.txt http://support.apple.com/kb/HT5501 https://downloads.avaya.com/css/P8/documents/100161772 libtiff-gttileseparate-bo(74656) https://exchange.xforce.ibmcloud.com/vulnerabilities/74656 openSUSE-SU-2012:0539 https://hermes.opensuse.org/messages/14302713 Common Vulnerability Exposure (CVE) ID: CVE-2012-2088 49686 http://secunia.com/advisories/49686 54270 http://www.securityfocus.com/bid/54270 APPLE-SA-2013-03-14-1 http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html MDVSA-2012:101 http://www.mandriva.com/security/advisories?name=MDVSA-2012:101 RHSA-2012:1054 http://rhn.redhat.com/errata/RHSA-2012-1054.html SUSE-SU-2012:0894 http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00010.html http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 https://bugzilla.redhat.com/show_bug.cgi?id=832864 openSUSE-SU-2012:0829 https://hermes.opensuse.org/messages/15083566 Common Vulnerability Exposure (CVE) ID: CVE-2012-2113 49493 http://secunia.com/advisories/49493 54076 http://www.securityfocus.com/bid/54076 http://www.remotesensing.org/libtiff/v4.0.2.html https://bugzilla.redhat.com/show_bug.cgi?id=810551 Common Vulnerability Exposure (CVE) ID: CVE-2012-3401 49938 http://secunia.com/advisories/49938 50007 http://secunia.com/advisories/50007 54601 http://www.securityfocus.com/bid/54601 84090 http://osvdb.org/84090 MDVSA-2012:127 http://www.mandriva.com/security/advisories?name=MDVSA-2012:127 RHSA-2012:1590 http://rhn.redhat.com/errata/RHSA-2012-1590.html USN-1511-1 http://www.ubuntu.com/usn/USN-1511-1 [oss-security] 20120719 Re: tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer http://www.openwall.com/lists/oss-security/2012/07/19/4 [oss-security] 20120719 tiff2pdf: Heap-based buffer overflow due to improper initialization of T2P context struct pointer http://www.openwall.com/lists/oss-security/2012/07/19/1 http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830 http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf https://bugzilla.redhat.com/attachment.cgi?id=596457 https://bugzilla.redhat.com/show_bug.cgi?id=837577 libtiff-t2preadtiffinit-bo(77088) https://exchange.xforce.ibmcloud.com/vulnerabilities/77088 openSUSE-SU-2012:0955 http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.html
Copyright	Copyright (C) 2012 E-Soft Inc.