Test ID:	1.3.6.1.4.1.25623.1.1.10.2017.0035
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2017-0035)
Summary:	The remote host is missing an update for the 'libxpm' package(s) announced via the MGASA-2017-0035 advisory.
Description:	Summary: The remote host is missing an update for the 'libxpm' package(s) announced via the MGASA-2017-0035 advisory. Vulnerability Insight: An out of boundary write has been found in libXpm before 3.5.12 which can be exploited by an attacker through maliciously crafted XPM files. To trigger the vulnerability, a program must explicitly request to also parse XPM extensions while reading files. The motif toolkit and xdm are two among some programs that set the flag (XpmReturnExtensions). It can only be exploited on 64-bit systems (CVE-2016-10164). Affected Software/OS: 'libxpm' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-10164 BugTraq ID: 95785 http://www.securityfocus.com/bid/95785 Debian Security Information: DSA-3772 (Google Search) http://www.debian.org/security/2017/dsa-3772 https://security.gentoo.org/glsa/201701-72 http://www.openwall.com/lists/oss-security/2017/01/22/2 http://www.openwall.com/lists/oss-security/2017/01/25/7 https://lists.freedesktop.org/archives/xorg/2016-December/058537.html RedHat Security Advisories: RHSA-2017:1865 https://access.redhat.com/errata/RHSA-2017:1865
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.