Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.63368
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2009:0012
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing updates announced in
advisory RHSA-2009:0012.

The netpbm package contains a library of functions for editing and
converting between various graphics file formats, including .pbm (portable
bitmaps), .pgm (portable graymaps), .pnm (portable anymaps), .ppm (portable
pixmaps), and others.

An input validation flaw and multiple integer overflows were discovered in
the JasPer library providing support for JPEG-2000 image format and used in
the jpeg2ktopam and pamtojpeg2k converters. An attacker could create a
carefully-crafted JPEG file which could cause jpeg2ktopam to crash or,
possibly, execute arbitrary code as the user running jpeg2ktopam.
(CVE-2007-2721, CVE-2008-3520)

All users are advised to upgrade to these updated packages which contain
backported patches which resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2009-0012.html
http://www.redhat.com/security/updates/classification/#moderate

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-2721
BugTraq ID: 24052
http://www.securityfocus.com/bid/24052
Debian Security Information: DSA-2036 (Google Search)
http://www.debian.org/security/2010/dsa-2036
http://www.mandriva.com/security/advisories?name=MDKSA-2007:129
http://www.mandriva.com/security/advisories?name=MDKSA-2007:208
http://www.mandriva.com/security/advisories?name=MDKSA-2007:209
http://www.mandriva.com/security/advisories?name=MDVSA-2009:142
http://www.mandriva.com/security/advisories?name=MDVSA-2009:164
http://osvdb.org/36137
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9397
http://www.redhat.com/support/errata/RHSA-2009-0012.html
http://secunia.com/advisories/25287
http://secunia.com/advisories/25703
http://secunia.com/advisories/26516
http://secunia.com/advisories/27319
http://secunia.com/advisories/27489
http://secunia.com/advisories/39505
http://www.ubuntu.com/usn/usn-501-1
http://www.ubuntu.com/usn/usn-501-2
http://www.vupen.com/english/advisories/2010/0912
Common Vulnerability Exposure (CVE) ID: CVE-2008-3520
BugTraq ID: 31470
http://www.securityfocus.com/bid/31470
http://security.gentoo.org/glsa/glsa-200812-18.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:144
http://bugs.gentoo.org/show_bug.cgi?id=222819
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10141
RedHat Security Advisories: RHSA-2015:0698
http://rhn.redhat.com/errata/RHSA-2015-0698.html
http://secunia.com/advisories/33173
http://secunia.com/advisories/34391
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606
http://www.ubuntu.com/usn/USN-742-1
XForce ISS Database: jasper-image-file-bo(45621)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45621
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.