 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.10.2017.0378 |
| Categoría: | Mageia Linux Local Security Checks |
| Título: | Mageia: Security Advisory (MGASA-2017-0378) |
| Resumen: | The remote host is missing an update for the 'poppler' package(s) announced via the MGASA-2017-0378 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'poppler' package(s) announced via the MGASA-2017-0378 advisory. Vulnerability Insight: In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document. (CVE-2017-14518) In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF files. (CVE-2017-14617) In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document. (CVE-2017-14926) In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document. (CVE-2017-14928) In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vulnerability than CVE-2017-14519. (CVE-2017-14929) The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack. (CVE-2017-14975) The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack. (CVE-2017-14977) Affected Software/OS: 'poppler' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-14518 Debian Security Information: DSA-4079 (Google Search) https://www.debian.org/security/2018/dsa-4079 Common Vulnerability Exposure (CVE) ID: CVE-2017-14617 Common Vulnerability Exposure (CVE) ID: CVE-2017-14926 https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html Common Vulnerability Exposure (CVE) ID: CVE-2017-14928 Common Vulnerability Exposure (CVE) ID: CVE-2017-14929 Debian Security Information: DSA-4097 (Google Search) https://www.debian.org/security/2018/dsa-4097 Common Vulnerability Exposure (CVE) ID: CVE-2017-14975 https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html Common Vulnerability Exposure (CVE) ID: CVE-2017-14977 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |