Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2019-0045)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2019.0045
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2019-0045)
Resumen:	The remote host is missing an update for the 'wavpack' package(s) announced via the MGASA-2019-0045 advisory.
Descripción:	Summary: The remote host is missing an update for the 'wavpack' package(s) announced via the MGASA-2019-0045 advisory. Vulnerability Insight: Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service (CVE-2018-6767). It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cause a denial of service (CVE-2018-7253). It was discovered that WavPack incorrectly handled certain CAF files. An attacker could possibly use this to cause a denial of service (CVE-2018-7254). Thuan Pham, Marcel Bohme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could possibly use this to execute arbitrary code or cause a denial of service (CVE-2018-10536, CVE-2018-10537). Thuan Pham, Marcel Bohme, Andrew Santosa and Alexandru Razvan Caciulescu discovered that WavPack incorrectly handled certain .wav files. An attacker could possibly use this to cause a denial of service (CVE-2018-10538, CVE-2018-10539, CVE-2018-10540). It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service (CVE-2018-19840, CVE-2018-19841). Affected Software/OS: 'wavpack' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-10536 Bugtraq: 20191219 [slackware-security] wavpack (SSA:2019-353-01) (Google Search) https://seclists.org/bugtraq/2019/Dec/37 Debian Security Information: DSA-4197 (Google Search) https://www.debian.org/security/2018/dsa-4197 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRWQNE3TH5UF64IKHKKHVCHJHUOVKJUH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CFFFWIWALGQPKINRDW3PRGRD5LOLGZA/ http://packetstormsecurity.com/files/155743/Slackware-Security-Advisory-wavpack-Updates.html https://github.com/dbry/WavPack/commit/26cb47f99d481ad9b93eeff80d26e6b63bbd7e15 https://github.com/dbry/WavPack/issues/30 https://github.com/dbry/WavPack/issues/31 https://github.com/dbry/WavPack/issues/32 https://usn.ubuntu.com/3637-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-10537 Common Vulnerability Exposure (CVE) ID: CVE-2018-10538 https://github.com/dbry/WavPack/commit/6f8bb34c2993a48ab9afbe353e6d0cff7c8d821d https://github.com/dbry/WavPack/issues/33 Common Vulnerability Exposure (CVE) ID: CVE-2018-10539 Common Vulnerability Exposure (CVE) ID: CVE-2018-10540 Common Vulnerability Exposure (CVE) ID: CVE-2018-19840 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZGXJUHCGQI6XKLCBUZHXPYIIWMFWA22/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WVVKOBJR5APOB3KWUWJ4UWQHUBZQL6C6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3BLSOEVEKF4VNNVNZ2AN46BJUT4TGVWT/ https://security.gentoo.org/glsa/202007-19 https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51 https://github.com/dbry/WavPack/issues/53 https://lists.debian.org/debian-lts-announce/2021/01/msg00013.html SuSE Security Announcement: openSUSE-SU-2019:1145 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00029.html https://usn.ubuntu.com/3839-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-19841 https://github.com/dbry/WavPack/commit/bba5389dc598a92bdf2b297c3ea34620b6679b5b https://github.com/dbry/WavPack/issues/54 Common Vulnerability Exposure (CVE) ID: CVE-2018-6767 Debian Security Information: DSA-4125 (Google Search) https://www.debian.org/security/2018/dsa-4125 https://usn.ubuntu.com/3568-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-7253 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889559 https://github.com/dbry/WavPack/commit/36a24c7881427d2e1e4dc1cef58f19eee0d13aec https://github.com/dbry/WavPack/issues/28 https://usn.ubuntu.com/3578-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-7254 https://www.exploit-db.com/exploits/44154/ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889274 https://github.com/dbry/WavPack/commit/8e3fe45a7bac31d9a3b558ae0079e2d92a04799e https://github.com/dbry/WavPack/issues/26
Copyright	Copyright (C) 2022 Greenbone AG