Test ID: | 1.3.6.1.4.1.25623.1.1.10.2017.0391 |
Category: | Mageia Linux Local Security Checks |
Title: | Mageia: Security Advisory (MGASA-2017-0391) |
Summary: | The remote host is missing an update for the 'exiv2' package(s) announced via the MGASA-2017-0391 advisory. |
Description: |
Summary: The remote host is missing an update for the 'exiv2' package(s) announced via the MGASA-2017-0391 advisory.

Vulnerability Insight: Opening an image created on certain Pentax cameras with gwenview, which uses the exiv2 library, causes gwenview to segfault. Exiv2 upstream created a patch to resolve this problem (bugfix - applies only to mga6).

The following security issues were also fixed:

* Heap overflow in Exiv2::Image::printIFDStructure (CVE-2017-11336)
* Invalid free in the Action::TaskFactory::cleanup function (CVE-2017-11337)
* Infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp (CVE-2017-11338)
* Heap-based buffer overflow in the Image::printIFDStructure function of image.cpp (CVE-2017-11339)
* Segmentation fault in the XmpParser::terminate() function (CVE-2017-11340)
* Illegal address access in the extend_alias_table function in localealias.c (CVE-2017-11553)
* Floating point exception in the Exiv2::ValueType function (CVE-2017-11591)
* Alloc-dealloc-mismatch in Exiv2::FileIo::seek (CVE-2017-11592)
* Reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp (CVE-2017-11683)
* Heap-based buffer overflow in basicio.cpp (CVE-2017-12955)
* Illegal address access in Exiv2::FileIo::path[abi:cxx11]() in basicio.cpp (CVE-2017-12956)
* Heap-based buffer over-read in the Exiv2::Image::io function in image.cpp (CVE-2017-12957)
* Bad free in Exiv2::Image::~Image (CVE-2017-14857)
* Invalid memory address dereference in Exiv2::DataValue::read (CVE-2017-14859)
* Heap-buffer-overflow in Exiv2::Jp2Image::readMetadata (CVE-2017-14860)
* Invalid memory address dereference in Exiv2::StringValueBase::read (CVE-2017-14862)
* Invalid memory address dereference in Exiv2::getULong (CVE-2017-14864)

Affected Software/OS: 'exiv2' package(s) on Mageia 5, Mageia 6.

Solution: Please install the updated package(s).

CVSS Score: 6.8
CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Cross Reference: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-11336
https://bugzilla.redhat.com/show_bug.cgi?id=1470729

Common Vulnerability Exposure (CVE) ID: CVE-2017-11337
https://bugzilla.redhat.com/show_bug.cgi?id=1470737

Common Vulnerability Exposure (CVE) ID: CVE-2017-11338
https://bugzilla.redhat.com/show_bug.cgi?id=1470913

Common Vulnerability Exposure (CVE) ID: CVE-2017-11339
https://bugzilla.redhat.com/show_bug.cgi?id=1470946

Common Vulnerability Exposure (CVE) ID: CVE-2017-11340
https://bugzilla.redhat.com/show_bug.cgi?id=1470950

Common Vulnerability Exposure (CVE) ID: CVE-2017-11553
https://bugzilla.redhat.com/show_bug.cgi?id=1471772

Common Vulnerability Exposure (CVE) ID: CVE-2017-11591
https://bugzilla.redhat.com/show_bug.cgi?id=1473888
https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html
https://usn.ubuntu.com/3852-1/

Common Vulnerability Exposure (CVE) ID: CVE-2017-11592
https://bugzilla.redhat.com/show_bug.cgi?id=1473889

Common Vulnerability Exposure (CVE) ID: CVE-2017-11683
BugTraq ID: 100030
http://www.securityfocus.com/bid/100030
https://bugzilla.redhat.com/show_bug.cgi?id=1475124
https://lists.debian.org/debian-lts-announce/2022/11/msg00013.html

Common Vulnerability Exposure (CVE) ID: CVE-2017-12955
https://bugzilla.redhat.com/show_bug.cgi?id=1482295

Common Vulnerability Exposure (CVE) ID: CVE-2017-12956
https://bugzilla.redhat.com/show_bug.cgi?id=1482296

Common Vulnerability Exposure (CVE) ID: CVE-2017-12957
https://bugzilla.redhat.com/show_bug.cgi?id=1482423

Common Vulnerability Exposure (CVE) ID: CVE-2017-14857
https://bugzilla.redhat.com/show_bug.cgi?id=1495043

Common Vulnerability Exposure (CVE) ID: CVE-2017-14859
https://bugzilla.redhat.com/show_bug.cgi?id=1494780

Common Vulnerability Exposure (CVE) ID: CVE-2017-14860
https://bugzilla.redhat.com/show_bug.cgi?id=1494776

Common Vulnerability Exposure (CVE) ID: CVE-2017-14862
https://bugzilla.redhat.com/show_bug.cgi?id=1494786

Common Vulnerability Exposure (CVE) ID: CVE-2017-14864
https://bugzilla.redhat.com/show_bug.cgi?id=1494467 |
Copyright | Copyright (C) 2022 Greenbone AG |