ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2018.0051
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2018-0051)
Resumen:	The remote host is missing an update for the 'libexif' package(s) announced via the MGASA-2018-0051 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libexif' package(s) announced via the MGASA-2018-0051 advisory. Vulnerability Insight: A vulnerability was found in libexif. The vulnerability is caused by an integer overflow. In some cases, the integer overflow can cause Heap Out-of-Bounds Read, i.e. Heap Buffer Overflow vulnerability. In some other cases, the integer overflow can cause use of uninitialized pointer variable, i.e. Use of Uninitialized Variable Vulnerability. The vulnerability happens when parsing MNOTE entry data of the input file. The vulnerability can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data) (CVE-2016-6328). Affected Software/OS: 'libexif' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6328 GLSA-202007-05 https://security.gentoo.org/glsa/202007-05 USN-4277-1 https://usn.ubuntu.com/4277-1/ [debian-lts-announce] 20200518 [SECURITY] [DLA 2214-1] libexif security update https://lists.debian.org/debian-lts-announce/2020/05/msg00016.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-6328 openSUSE-SU-2020:0793 http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.