Test ID: 1.3.6.1.4.1.25623.1.1.1.2.2023.3585
Category: Debian Local Security Checks
Title: Debian: Security Advisory (DLA-3585-1)
Summary: The remote host is missing an update for the Debian 'exempi' package(s) announced via the DLA-3585-1 advisory.
Description:

Vulnerability Insight:
Multiple vulnerabilities were found in exempi, an implementation of XMP (Extensible Metadata Platform).

CVE-2020-18651

A buffer overflow vulnerability in the function ID3_Support::ID3v2Frame::getFrameValue allows remote attackers to cause a denial of service.

CVE-2020-18652

A buffer overflow vulnerability in WEBP_Support.cpp allows remote attackers to cause a denial of service.

CVE-2021-36045

An out-of-bounds read vulnerability was found that could lead to disclosure of arbitrary memory.

CVE-2021-36046

A memory corruption vulnerability was found, potentially resulting in arbitrary code execution in the context of the current user.

CVE-2021-36047

An improper input validation vulnerability was found, potentially resulting in arbitrary code execution in the context of the current user.

CVE-2021-36048

An improper input validation vulnerability was found, potentially resulting in arbitrary code execution in the context of the current user.

CVE-2021-36050

A buffer overflow vulnerability was found, potentially resulting in arbitrary code execution in the context of the current user.

CVE-2021-36051

A buffer overflow vulnerability was found, potentially resulting in arbitrary code execution in the context of the current user.

CVE-2021-36052

A memory corruption vulnerability was found, potentially resulting in arbitrary code execution in the context of the current user.

CVE-2021-36053

An out-of-bounds read vulnerability was found that could lead to disclosure of arbitrary memory.

CVE-2021-36054

A buffer overflow vulnerability was found, potentially resulting in local application denial of service.

CVE-2021-36055

A use-after-free vulnerability was found that could result in arbitrary code execution.

CVE-2021-36056

A buffer overflow vulnerability was found, potentially resulting in arbitrary code execution in the context of the current user.

CVE-2021-36057

A write-what-where condition vulnerability was found, caused during the application's memory allocation process. This may cause the memory management functions to become mismatched, resulting in local application denial of service in the context of the current user.

CVE-2021-36058

An integer overflow vulnerability was found, potentially resulting in application-level denial of service in the context of the current user.

CVE-2021-36064

A buffer underflow vulnerability was found which could result in arbitrary code execution in the context of the current user.

CVE-2021-39847

A stack-based buffer overflow vulnerability was found, potentially resulting in arbitrary code execution in the context of the current user.

CVE-2021-40716

An out-of-bounds read vulnerability was found that could lead to disclosure of sensitive memory.

CVE-2021-40732

A null pointer dereference vulnerability was found that could result in leaking data from certain memory locations and causing a local denial of service.

CVE-2021-42528

A ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'exempi' package(s) on Debian 10.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2020-18651
https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f
https://gitlab.freedesktop.org/libopenraw/exempi/issues/13
https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-18652
https://gitlab.freedesktop.org/libopenraw/exempi/commit/acee2894ceb91616543927c2a6e45050c60f98f7
https://gitlab.freedesktop.org/libopenraw/exempi/issues/12
Common Vulnerability Exposure (CVE) ID: CVE-2021-36045
https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-36046
Common Vulnerability Exposure (CVE) ID: CVE-2021-36047
Common Vulnerability Exposure (CVE) ID: CVE-2021-36048
Common Vulnerability Exposure (CVE) ID: CVE-2021-36050
Common Vulnerability Exposure (CVE) ID: CVE-2021-36051
Common Vulnerability Exposure (CVE) ID: CVE-2021-36052
Common Vulnerability Exposure (CVE) ID: CVE-2021-36053
Common Vulnerability Exposure (CVE) ID: CVE-2021-36054
Common Vulnerability Exposure (CVE) ID: CVE-2021-36055
Common Vulnerability Exposure (CVE) ID: CVE-2021-36056
Common Vulnerability Exposure (CVE) ID: CVE-2021-36057
Common Vulnerability Exposure (CVE) ID: CVE-2021-36058
Common Vulnerability Exposure (CVE) ID: CVE-2021-36064
Common Vulnerability Exposure (CVE) ID: CVE-2021-39847
Common Vulnerability Exposure (CVE) ID: CVE-2021-40716
https://helpx.adobe.com/security/products/xmpcore/apsb21-85.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-40732
Common Vulnerability Exposure (CVE) ID: CVE-2021-42528
https://helpx.adobe.com/security/products/xmpcore/apsb21-108.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-42529
Common Vulnerability Exposure (CVE) ID: CVE-2021-42530
Common Vulnerability Exposure (CVE) ID: CVE-2021-42531
Common Vulnerability Exposure (CVE) ID: CVE-2021-42532
Copyright: Copyright (C) 2023 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.