Test ID:	1.3.6.1.4.1.25623.1.0.851951
Category:	SuSE Local Security Checks
Title:	openSUSE: Security Advisory for pango (openSUSE-SU-2018:2790-1)
Summary:	The remote host is missing an update for the 'pango'; package(s) announced via the openSUSE-SU-2018:2790-1 advisory.
Description:	Summary: The remote host is missing an update for the 'pango' package(s) announced via the openSUSE-SU-2018:2790-1 advisory. Vulnerability Insight: This update for pango fixes the following issue: Security issue fixed: - CVE-2018-15120: Fixed a denial of service when parsing emoji (bsc#1103877) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2018-1026=1 Affected Software/OS: pango on openSUSE Leap 15.0. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-15120 https://www.exploit-db.com/exploits/45263/ https://security.gentoo.org/glsa/201811-07 http://52.117.224.77/xfce4-pdos.webm https://i.redd.it/v7p4n2ptu0s11.jpg https://www.exploit-db.com/exploits/45263 https://www.ign.com/articles/2018/10/16/ps4s-are-reportedly-being-bricked-and-sony-is-working-on-a-fix https://www.reddit.com/r/PS4/comments/9o5efg/message_bricking_console_megathread/ https://mail.gnome.org/archives/distributor-list/2018-August/msg00001.html https://usn.ubuntu.com/3750-1/
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.