Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2017-0137)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2017.0137

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2017-0137)

Resumen: The remote host is missing an update for the 'feh' package(s) announced via the MGASA-2017-0137 advisory.

Descripción: Summary:
The remote host is missing an update for the 'feh' package(s) announced via the MGASA-2017-0137 advisory.

Vulnerability Insight:
Updated feh package to fix a double-free/OOB-write in E17 IPC. This was
a potential security issue as a malicious X11 app running alongside feh
and pretending to be an E17 window manager could have had access to
out-of-bound memory. Security vulnerability: CVE-2017-7875

Affected Software/OS:
'feh' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-7875
BugTraq ID: 97689
http://www.securityfocus.com/bid/97689
https://security.gentoo.org/glsa/201707-08
https://lists.debian.org/debian-lts-announce/2020/05/msg00021.html

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2017.0137
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2017-0137)
Resumen:	The remote host is missing an update for the 'feh' package(s) announced via the MGASA-2017-0137 advisory.
Descripción:	Summary: The remote host is missing an update for the 'feh' package(s) announced via the MGASA-2017-0137 advisory. Vulnerability Insight: Updated feh package to fix a double-free/OOB-write in E17 IPC. This was a potential security issue as a malicious X11 app running alongside feh and pretending to be an E17 window manager could have had access to out-of-bound memory. Security vulnerability: CVE-2017-7875 Affected Software/OS: 'feh' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7875 BugTraq ID: 97689 http://www.securityfocus.com/bid/97689 https://security.gentoo.org/glsa/201707-08 https://lists.debian.org/debian-lts-announce/2020/05/msg00021.html
Copyright	Copyright (C) 2022 Greenbone AG