ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2019.0249
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2019-0249)
Resumen:	The remote host is missing an update for the 'sigil' package(s) announced via the MGASA-2019-0249 advisory.
Descripción:	Summary: The remote host is missing an update for the 'sigil' package(s) announced via the MGASA-2019-0249 advisory. Vulnerability Insight: Updated sigil package fixes security vulnerability: Mike Salvatore discovered that Sigil mishandled certain malformed EPUB files. An attacker could use this vulnerability to write arbitrary files to the filesystem (CVE-2019-14452). Affected Software/OS: 'sigil' package(s) on Mageia 6, Mageia 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-14452 https://github.com/Sigil-Ebook/Sigil/commit/04e2f280cc4a0766bedcc7b9eb56449ceecc2ad4 https://github.com/Sigil-Ebook/Sigil/commit/0979ba8d10c96ebca330715bfd4494ea0e019a8f https://github.com/Sigil-Ebook/Sigil/commit/369eebe936e4a8c83cc54662a3412ce8bef189e4 https://github.com/Sigil-Ebook/Sigil/compare/ea7f27d...5b867e5 https://github.com/Sigil-Ebook/Sigil/releases/tag/0.9.16 https://github.com/Sigil-Ebook/flightcrew/issues/52#issuecomment-505967936 https://github.com/Sigil-Ebook/flightcrew/issues/52#issuecomment-505997355 https://salvatoresecurity.com/zip-slip-in-sigil-cve-2019-14452/ https://usn.ubuntu.com/4085-1/
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.