ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2019.0073
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2019-0073)
Resumen:	The remote host is missing an update for the 'libgd' package(s) announced via the MGASA-2019-0073 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libgd' package(s) announced via the MGASA-2019-0073 advisory. Vulnerability Insight: gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5 has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger calls to the function with crafted image data (CVE-2019-6977). The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c (CVE-2019-6978). Affected Software/OS: 'libgd' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-6977 BugTraq ID: 106731 http://www.securityfocus.com/bid/106731 Debian Security Information: DSA-4384 (Google Search) https://www.debian.org/security/2019/dsa-4384 https://www.exploit-db.com/exploits/46677/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/ https://security.gentoo.org/glsa/201903-18 http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php https://bugs.php.net/bug.php?id=77270 https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html RedHat Security Advisories: RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:2519 RedHat Security Advisories: RHSA-2019:3299 https://access.redhat.com/errata/RHSA-2019:3299 SuSE Security Announcement: openSUSE-SU-2019:1140 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html SuSE Security Announcement: openSUSE-SU-2019:1148 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html https://usn.ubuntu.com/3900-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-6978 https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0 https://github.com/libgd/libgd/issues/492 https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae RedHat Security Advisories: RHSA-2019:2722 https://access.redhat.com/errata/RHSA-2019:2722
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.