Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2014-0514)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2014.0514

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2014-0514)

Resumen: The remote host is missing an update for the 'jasper' package(s) announced via the MGASA-2014-0514 advisory.

Descripción: Summary:
The remote host is missing an update for the 'jasper' package(s) announced via the MGASA-2014-0514 advisory.

Vulnerability Insight:
Updated jasper packages fix security vulnerability:

Josh Duart of the Google Security Team discovered heap-based buffer overflow
flaws in JasPer, which could lead to denial of service (application crash) or
the execution of arbitrary code (CVE-2014-9029).

Affected Software/OS:
'jasper' package(s) on Mageia 4.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-9029
BugTraq ID: 71476
http://www.securityfocus.com/bid/71476
Bugtraq: 20141204 [oCERT-2014-009] JasPer input sanitization errors (Google Search)
http://www.securityfocus.com/archive/1/534153/100/0/threaded
Debian Security Information: DSA-3089 (Google Search)
http://www.debian.org/security/2014/dsa-3089
http://www.mandriva.com/security/advisories?name=MDVSA-2014:247
http://www.mandriva.com/security/advisories?name=MDVSA-2015:159
http://packetstormsecurity.com/files/129393/JasPer-1.900.1-Buffer-Overflow.html
http://www.ocert.org/advisories/ocert-2014-009.html
http://www.openwall.com/lists/oss-security/2014/12/04/9
RedHat Security Advisories: RHSA-2014:2021
http://rhn.redhat.com/errata/RHSA-2014-2021.html
RedHat Security Advisories: RHSA-2015:0698
http://rhn.redhat.com/errata/RHSA-2015-0698.html
http://secunia.com/advisories/61747
http://secunia.com/advisories/62828
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606
http://www.ubuntu.com/usn/USN-2434-1
http://www.ubuntu.com/usn/USN-2434-2
XForce ISS Database: jasper-cve20149029-bo(99125)
https://exchange.xforce.ibmcloud.com/vulnerabilities/99125

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0514
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0514)
Resumen:	The remote host is missing an update for the 'jasper' package(s) announced via the MGASA-2014-0514 advisory.
Descripción:	Summary: The remote host is missing an update for the 'jasper' package(s) announced via the MGASA-2014-0514 advisory. Vulnerability Insight: Updated jasper packages fix security vulnerability: Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, which could lead to denial of service (application crash) or the execution of arbitrary code (CVE-2014-9029). Affected Software/OS: 'jasper' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9029 BugTraq ID: 71476 http://www.securityfocus.com/bid/71476 Bugtraq: 20141204 [oCERT-2014-009] JasPer input sanitization errors (Google Search) http://www.securityfocus.com/archive/1/534153/100/0/threaded Debian Security Information: DSA-3089 (Google Search) http://www.debian.org/security/2014/dsa-3089 http://www.mandriva.com/security/advisories?name=MDVSA-2014:247 http://www.mandriva.com/security/advisories?name=MDVSA-2015:159 http://packetstormsecurity.com/files/129393/JasPer-1.900.1-Buffer-Overflow.html http://www.ocert.org/advisories/ocert-2014-009.html http://www.openwall.com/lists/oss-security/2014/12/04/9 RedHat Security Advisories: RHSA-2014:2021 http://rhn.redhat.com/errata/RHSA-2014-2021.html RedHat Security Advisories: RHSA-2015:0698 http://rhn.redhat.com/errata/RHSA-2015-0698.html http://secunia.com/advisories/61747 http://secunia.com/advisories/62828 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606 http://www.ubuntu.com/usn/USN-2434-1 http://www.ubuntu.com/usn/USN-2434-2 XForce ISS Database: jasper-cve20149029-bo(99125) https://exchange.xforce.ibmcloud.com/vulnerabilities/99125
Copyright	Copyright (C) 2022 Greenbone AG