Test ID:	1.3.6.1.4.1.25623.1.1.10.2016.0242
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2016-0242)
Summary:	The remote host is missing an update for the 'libgd' package(s) announced via the MGASA-2016-0242 advisory.
Description:	Summary: The remote host is missing an update for the 'libgd' package(s) announced via the MGASA-2016-0242 advisory. Vulnerability Insight: Stack overflow with imagefilltoborder (CVE-2015-8874). Integer Overflow in _gd2GetHeader() resulting in heap overflow (CVE-2016-5766). Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow (CVE-2016-5767). Improperly handling invalid color index in gdImageCropThreshold() could result in denial of service (CVE-2016-6128). Affected Software/OS: 'libgd' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8874 Debian Security Information: DSA-3587 (Google Search) http://www.debian.org/security/2016/dsa-3587 RedHat Security Advisories: RHSA-2016:2750 http://rhn.redhat.com/errata/RHSA-2016-2750.html SuSE Security Announcement: openSUSE-SU-2016:1524 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html http://www.ubuntu.com/usn/USN-2987-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-5766 Debian Security Information: DSA-3619 (Google Search) http://www.debian.org/security/2016/dsa-3619 https://security.gentoo.org/glsa/201612-09 http://www.openwall.com/lists/oss-security/2016/06/23/4 RedHat Security Advisories: RHSA-2016:2598 http://rhn.redhat.com/errata/RHSA-2016-2598.html SuSE Security Announcement: SUSE-SU-2016:2013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html SuSE Security Announcement: openSUSE-SU-2016:1761 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html SuSE Security Announcement: openSUSE-SU-2016:1922 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html http://www.ubuntu.com/usn/USN-3030-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-5767 BugTraq ID: 91395 http://www.securityfocus.com/bid/91395 Common Vulnerability Exposure (CVE) ID: CVE-2016-6128 BugTraq ID: 91509 http://www.securityfocus.com/bid/91509 http://www.openwall.com/lists/oss-security/2016/06/30/1 http://www.securitytracker.com/id/1036276 SuSE Security Announcement: openSUSE-SU-2016:2117 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html SuSE Security Announcement: openSUSE-SU-2016:2363 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-09/msg00078.html
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.