Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2017-0479)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2017.0479

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2017-0479)

Resumen: The remote host is missing an update for the 'mupdf' package(s) announced via the MGASA-2017-0479 advisory.

Descripción: Summary:
The remote host is missing an update for the 'mupdf' package(s) announced via the MGASA-2017-0479 advisory.

Vulnerability Insight:
Multiple vulnerabilities have been found in the PDF viewer MuPDF, which
may result in denial of service or the execution of arbitrary code if a
malformed PDF file is opened (CVE-2016-8674, CVE-2017-5896, CVE-2017-5991)

Terry Chia and Jeremy Heng discovered an integer overflow that can cause
arbitrary code execution via a crafted .pdf file (CVE-2017-15587).

Affected Software/OS:
'mupdf' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-8674
BugTraq ID: 93127
http://www.securityfocus.com/bid/93127
Debian Security Information: DSA-3797 (Google Search)
http://www.debian.org/security/2017/dsa-3797
https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/
http://www.openwall.com/lists/oss-security/2016/10/16/8
Common Vulnerability Exposure (CVE) ID: CVE-2017-15587
Debian Security Information: DSA-4006 (Google Search)
http://www.debian.org/security/2017/dsa-4006
https://security.gentoo.org/glsa/201811-15
https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-5896
BugTraq ID: 96139
http://www.securityfocus.com/bid/96139
https://security.gentoo.org/glsa/201702-12
http://www.openwall.com/lists/oss-security/2017/02/06/3
http://www.openwall.com/lists/oss-security/2017/02/07/1
Common Vulnerability Exposure (CVE) ID: CVE-2017-5991
BugTraq ID: 96213
http://www.securityfocus.com/bid/96213
https://www.exploit-db.com/exploits/42138/
https://security.gentoo.org/glsa/201706-08

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2017.0479
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2017-0479)
Resumen:	The remote host is missing an update for the 'mupdf' package(s) announced via the MGASA-2017-0479 advisory.
Descripción:	Summary: The remote host is missing an update for the 'mupdf' package(s) announced via the MGASA-2017-0479 advisory. Vulnerability Insight: Multiple vulnerabilities have been found in the PDF viewer MuPDF, which may result in denial of service or the execution of arbitrary code if a malformed PDF file is opened (CVE-2016-8674, CVE-2017-5896, CVE-2017-5991) Terry Chia and Jeremy Heng discovered an integer overflow that can cause arbitrary code execution via a crafted .pdf file (CVE-2017-15587). Affected Software/OS: 'mupdf' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-8674 BugTraq ID: 93127 http://www.securityfocus.com/bid/93127 Debian Security Information: DSA-3797 (Google Search) http://www.debian.org/security/2017/dsa-3797 https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/ http://www.openwall.com/lists/oss-security/2016/10/16/8 Common Vulnerability Exposure (CVE) ID: CVE-2017-15587 Debian Security Information: DSA-4006 (Google Search) http://www.debian.org/security/2017/dsa-4006 https://security.gentoo.org/glsa/201811-15 https://lists.debian.org/debian-lts-announce/2017/11/msg00007.html Common Vulnerability Exposure (CVE) ID: CVE-2017-5896 BugTraq ID: 96139 http://www.securityfocus.com/bid/96139 https://security.gentoo.org/glsa/201702-12 http://www.openwall.com/lists/oss-security/2017/02/06/3 http://www.openwall.com/lists/oss-security/2017/02/07/1 Common Vulnerability Exposure (CVE) ID: CVE-2017-5991 BugTraq ID: 96213 http://www.securityfocus.com/bid/96213 https://www.exploit-db.com/exploits/42138/ https://security.gentoo.org/glsa/201706-08
Copyright	Copyright (C) 2022 Greenbone AG