Test ID:	1.3.6.1.4.1.25623.1.1.10.2017.0329
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2017-0329)
Summary:	The remote host is missing an update for the 'poppler' package(s) announced via the MGASA-2017-0329 advisory.
Description:	Summary: The remote host is missing an update for the 'poppler' package(s) announced via the MGASA-2017-0329 advisory. Vulnerability Insight: Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document (CVE-2017-9776). The function GfxImageColorMap::getGray in GfxState.cc in Poppler allows attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc (CVE-2017-9865). Affected Software/OS: 'poppler' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-9776 BugTraq ID: 99240 http://www.securityfocus.com/bid/99240 Debian Security Information: DSA-4079 (Google Search) https://www.debian.org/security/2018/dsa-4079 RedHat Security Advisories: RHSA-2017:2550 https://access.redhat.com/errata/RHSA-2017:2550 RedHat Security Advisories: RHSA-2017:2551 https://access.redhat.com/errata/RHSA-2017:2551 Common Vulnerability Exposure (CVE) ID: CVE-2017-9865 https://security.gentoo.org/glsa/201801-17 http://somevulnsofadlab.blogspot.com/2017/06/popplerstack-buffer-overflow-in.html https://bugs.freedesktop.org/show_bug.cgi?id=100774 https://usn.ubuntu.com/4042-1/
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.