
Test ID: 1.3.6.1.4.1.25623.1.0.882531
Category: CentOS Local Security Checks
Title: CentOS Update for libtiff CESA-2016:1547 centos6
Summary: Check the version of libtiff
Description: Summary:
Check the version of libtiff

Vulnerability Insight:
The libtiff packages contain a library of
functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

* Multiple flaws have been discovered in libtiff. A remote attacker could
exploit these flaws to cause a crash or memory corruption and, possibly,
execute arbitrary code by tricking an application linked against libtiff
into processing specially crafted files. (CVE-2014-9655, CVE-2015-1547,
CVE-2015-8784, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, CVE-2015-8782,
CVE-2015-8783, CVE-2016-3990, CVE-2016-5320)

* Multiple flaws have been discovered in various libtiff tools (bmp2tiff,
pal2rgb, thumbnail, tiff2bw, tiff2pdf, tiffcrop, tiffdither, tiffsplit,
tiff2rgba). By tricking a user into processing a specially crafted file, a
remote attacker could exploit these flaws to cause a crash or memory
corruption and, possibly, execute arbitrary code with the privileges of the
user running the libtiff tool. (CVE-2014-8127, CVE-2014-8129,
CVE-2014-8130, CVE-2014-9330, CVE-2015-7554, CVE-2015-8668, CVE-2016-3632,
CVE-2016-3945, CVE-2016-3991)

Affected Software/OS:
libtiff on CentOS 6

Solution:
Please install the updated packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2014-8127
1032760
http://www.securitytracker.com/id/1032760
72323
http://www.securityfocus.com/bid/72323
DSA-3273
http://www.debian.org/security/2015/dsa-3273
GLSA-201701-16
https://security.gentoo.org/glsa/201701-16
RHSA-2016:1546
http://rhn.redhat.com/errata/RHSA-2016-1546.html
RHSA-2016:1547
http://rhn.redhat.com/errata/RHSA-2016-1547.html
[oss-security] 20150124 Multiple vulnerabilities in LibTIFF and associated tools
http://www.openwall.com/lists/oss-security/2015/01/24/15
http://bugzilla.maptools.org/show_bug.cgi?id=2484
http://bugzilla.maptools.org/show_bug.cgi?id=2485
http://bugzilla.maptools.org/show_bug.cgi?id=2486
http://bugzilla.maptools.org/show_bug.cgi?id=2496
http://bugzilla.maptools.org/show_bug.cgi?id=2497
http://bugzilla.maptools.org/show_bug.cgi?id=2500
http://www.conostix.com/pub/adv/CVE-2014-8127-LibTIFF-Out-of-bounds_Reads.txt
openSUSE-SU-2015:0450
http://lists.opensuse.org/opensuse-updates/2015-03/msg00022.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-8129
72352
http://www.securityfocus.com/bid/72352
APPLE-SA-2015-06-30-1
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
APPLE-SA-2015-06-30-2
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
https://www.debian.org/security/2015/dsa-3273
http://openwall.com/lists/oss-security/2015/01/24/15
http://bugzilla.maptools.org/show_bug.cgi?id=2487
http://bugzilla.maptools.org/show_bug.cgi?id=2488
http://support.apple.com/kb/HT204941
http://support.apple.com/kb/HT204942
http://www.conostix.com/pub/adv/CVE-2014-8129-LibTIFF-Out-of-bounds_Reads_and_Writes.txt
https://bugzilla.redhat.com/show_bug.cgi?id=1185815
Common Vulnerability Exposure (CVE) ID: CVE-2014-8130
72353
http://www.securityfocus.com/bid/72353
http://bugzilla.maptools.org/show_bug.cgi?id=2483
http://www.conostix.com/pub/adv/CVE-2014-8130-LibTIFF-Division_By_Zero.txt
https://bugzilla.redhat.com/show_bug.cgi?id=1185817
https://github.com/vadz/libtiff/commit/3c5eb8b1be544e41d2c336191bc4936300ad7543
Common Vulnerability Exposure (CVE) ID: CVE-2014-9330
BugTraq ID: 71789
http://www.securityfocus.com/bid/71789
Debian Security Information: DSA-3273
http://seclists.org/fulldisclosure/2014/Dec/97
RedHat Security Advisories: RHSA-2016:1546
RedHat Security Advisories: RHSA-2016:1547
http://www.securitytracker.com/id/1031442
Common Vulnerability Exposure (CVE) ID: CVE-2014-9655
Debian Security Information: DSA-3467
http://www.debian.org/security/2016/dsa-3467
http://openwall.com/lists/oss-security/2015/02/07/5
Common Vulnerability Exposure (CVE) ID: CVE-2015-1547
BugTraq ID: 73438
http://www.securityfocus.com/bid/73438
http://openwall.com/lists/oss-security/2015/01/24/16
Common Vulnerability Exposure (CVE) ID: CVE-2015-7554
20151226 libtiff: invalid write (CVE-2015-7554)
http://seclists.org/fulldisclosure/2015/Dec/119
http://www.securityfocus.com/archive/1/537205/100/0/threaded
79699
http://www.securityfocus.com/bid/79699
[oss-security] 20151226 libtiff: invalid write (CVE-2015-7554)
http://www.openwall.com/lists/oss-security/2015/12/26/7
http://packetstormsecurity.com/files/135078/libtiff-4.0.6-Invalid-Write.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
openSUSE-SU-2016:0212
http://lists.opensuse.org/opensuse-updates/2016-01/msg00078.html
openSUSE-SU-2016:0215
http://lists.opensuse.org/opensuse-updates/2016-01/msg00081.html
openSUSE-SU-2016:0252
http://lists.opensuse.org/opensuse-updates/2016-01/msg00100.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8665
BugTraq ID: 79728
http://www.securityfocus.com/bid/79728
http://www.openwall.com/lists/oss-security/2015/12/24/2
http://www.openwall.com/lists/oss-security/2015/12/24/4
http://www.securitytracker.com/id/1035508
http://www.ubuntu.com/usn/USN-2939-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-8668
Bugtraq: 20151228 libtiff bmp file Heap Overflow (CVE-2015-8668)
http://www.securityfocus.com/archive/1/537208/100/0/threaded
http://packetstormsecurity.com/files/135080/libtiff-4.0.6-Heap-Overflow.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8683
BugTraq ID: 79718
http://www.securityfocus.com/bid/79718
http://www.openwall.com/lists/oss-security/2015/12/25/1
http://www.openwall.com/lists/oss-security/2015/12/26/1
Common Vulnerability Exposure (CVE) ID: CVE-2015-8781
BugTraq ID: 81730
http://www.securityfocus.com/bid/81730
http://www.openwall.com/lists/oss-security/2016/01/24/3
http://www.openwall.com/lists/oss-security/2016/01/24/7
SuSE Security Announcement: openSUSE-SU-2016:0405
http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html
SuSE Security Announcement: openSUSE-SU-2016:0414
http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8782
Common Vulnerability Exposure (CVE) ID: CVE-2015-8783
Common Vulnerability Exposure (CVE) ID: CVE-2015-8784
BugTraq ID: 81696
http://www.securityfocus.com/bid/81696
http://www.openwall.com/lists/oss-security/2016/01/24/4
http://www.openwall.com/lists/oss-security/2016/01/24/8
Common Vulnerability Exposure (CVE) ID: CVE-2016-3632
BugTraq ID: 85953
http://www.securityfocus.com/bid/85953
BugTraq ID: 85960
http://www.securityfocus.com/bid/85960
http://www.openwall.com/lists/oss-security/2016/04/08/9
Common Vulnerability Exposure (CVE) ID: CVE-2016-3945
Debian Security Information: DSA-3762
http://www.debian.org/security/2017/dsa-3762
http://www.openwall.com/lists/oss-security/2016/04/08/6
SuSE Security Announcement: openSUSE-SU-2016:2275
http://lists.opensuse.org/opensuse-updates/2016-09/msg00039.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-3990
BugTraq ID: 86000
http://www.securityfocus.com/bid/86000
http://www.openwall.com/lists/oss-security/2016/04/12/2
Common Vulnerability Exposure (CVE) ID: CVE-2016-3991
BugTraq ID: 85996
http://www.securityfocus.com/bid/85996
http://www.openwall.com/lists/oss-security/2016/04/12/3
Common Vulnerability Exposure (CVE) ID: CVE-2016-5320
Copyright: Copyright (C) 2016 Greenbone AG





© 1998-2025 E-Soft Inc. All rights reserved.