 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.881261 |
| Categoría: | CentOS Local Security Checks |
| Título: | CentOS Update for jasper CESA-2011:1807 centos6 |
| Resumen: | The remote host is missing an update for the 'jasper'; package(s) announced via the referenced advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'jasper' package(s) announced via the referenced advisory. Vulnerability Insight: JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Two heap-based buffer overflow flaws were found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer (such as Nautilus) to crash or, potentially, execute arbitrary code. (CVE-2011-4516, CVE-2011-4517) Red Hat would like to thank Jonathan Foote of the CERT Coordination Center for reporting these issues. Users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. All applications using the JasPer libraries (such as Nautilus) must be restarted for the update to take effect. Affected Software/OS: jasper on CentOS 6 Solution: Please install the updated packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-4516 BugTraq ID: 50992 http://www.securityfocus.com/bid/50992 CERT/CC vulnerability note: VU#887409 http://www.kb.cert.org/vuls/id/887409 Debian Security Information: DSA-2371 (Google Search) http://www.debian.org/security/2011/dsa-2371 http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html http://osvdb.org/77595 http://www.redhat.com/support/errata/RHSA-2011-1807.html http://www.redhat.com/support/errata/RHSA-2011-1811.html RedHat Security Advisories: RHSA-2015:0698 http://rhn.redhat.com/errata/RHSA-2015-0698.html http://secunia.com/advisories/47193 http://secunia.com/advisories/47306 http://secunia.com/advisories/47353 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606 SuSE Security Announcement: openSUSE-SU-2011:1317 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html http://www.ubuntu.com/usn/USN-1315-1 Common Vulnerability Exposure (CVE) ID: CVE-2011-4517 http://osvdb.org/77596 XForce ISS Database: jasper-jpccrggetparms-bo(71701) https://exchange.xforce.ibmcloud.com/vulnerabilities/71701 |
| Copyright | Copyright (C) 2012 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |