Test ID:	1.3.6.1.4.1.25623.1.0.851304
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2016:1261-1)
Summary:	The remote host is missing an update for the 'ImageMagick'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'ImageMagick' package(s) announced via the referenced advisory. Vulnerability Insight: This update for ImageMagick fixes the following issues: The update disables various insecure coders [boo#978061] These fix issues tracked in CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, CVE-2016-3718 Affected Software/OS: ImageMagick on openSUSE 13.2 Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3714 1035742 http://www.securitytracker.com/id/1035742 20160513 May 2016 - HipChat Server - Critical Security Advisory http://www.securityfocus.com/archive/1/538378/100/0/threaded 39767 https://www.exploit-db.com/exploits/39767/ 39791 https://www.exploit-db.com/exploits/39791/ 89848 http://www.securityfocus.com/bid/89848 DSA-3580 http://www.debian.org/security/2016/dsa-3580 DSA-3746 http://www.debian.org/security/2016/dsa-3746 GLSA-201611-21 https://security.gentoo.org/glsa/201611-21 RHSA-2016:0726 http://rhn.redhat.com/errata/RHSA-2016-0726.html SSA:2016-132-01 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.440568 SUSE-SU-2016:1260 http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00024.html SUSE-SU-2016:1275 http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00032.html SUSE-SU-2016:1301 http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00041.html USN-2990-1 http://www.ubuntu.com/usn/USN-2990-1 VU#250519 https://www.kb.cert.org/vuls/id/250519 [oss-security] 20160503 ImageMagick Is On Fire -- CVE-2016-3714 http://www.openwall.com/lists/oss-security/2016/05/03/13 [oss-security] 20160504 Re: ImageMagick Is On Fire -- CVE-2016-3714 http://www.openwall.com/lists/oss-security/2016/05/03/18 http://git.imagemagick.org/repos/ImageMagick/blob/a01518e08c840577cabd7d3ff291a9ba735f7276/ChangeLog http://packetstormsecurity.com/files/152364/ImageTragick-ImageMagick-Proof-Of-Concepts.html http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.rapid7.com/db/modules/exploit/unix/fileformat/imagemagick_delegate https://access.redhat.com/security/vulnerabilities/2296071 https://bugzilla.redhat.com/show_bug.cgi?id=1332492 https://imagetragick.com/ https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588 https://www.imagemagick.org/script/changelog.php openSUSE-SU-2016:1261 http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00025.html openSUSE-SU-2016:1266 http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00028.html openSUSE-SU-2016:1326 http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00051.html Common Vulnerability Exposure (CVE) ID: CVE-2016-3715 89852 http://www.securityfocus.com/bid/89852 Common Vulnerability Exposure (CVE) ID: CVE-2016-3716 [debian-lts-announce] 20180627 [SECURITY] [DLA 1401-1] graphicsmagick security update https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html Common Vulnerability Exposure (CVE) ID: CVE-2016-3717 Common Vulnerability Exposure (CVE) ID: CVE-2016-3718
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.