Ubuntu Local Security Checks : Ubuntu Update for ghostscript USN-3403-1

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.843765

Kategorie: Ubuntu Local Security Checks

Titel: Ubuntu Update for ghostscript USN-3403-1

Zusammenfassung: The remote host is missing an update for the 'ghostscript'; package(s) announced via the USN-3403-1 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'ghostscript'
package(s) announced via the USN-3403-1 advisory.

Vulnerability Insight:
Kamil Frankowicz discovered that Ghostscript mishandles references.
A remote attacker could use this to cause a denial of service.
(CVE-2017-11714)

Kim Gwan Yeong discovered that Ghostscript could allow a heap-based
buffer over-read and application crash. A remote attacker could use a
crafted document to cause a denial of service. (CVE-2017-9611,
CVE-2017-9726, CVE-2017-9727, CVE-2017-9739)

Kim Gwan Yeong discovered an use-after-free vulnerability in
Ghostscript. A remote attacker could use a crafted file to cause a
denial of service. (CVE-2017-9612)

Kim Gwan Yeong discovered a lack of integer overflow check in
Ghostscript. A remote attacker could use crafted PostScript document to
cause a denial of service. (CVE-2017-9835)

Affected Software/OS:
ghostscript on Ubuntu 17.04,
Ubuntu 16.04 LTS,
Ubuntu 14.04 LTS.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2017-9611
BugTraq ID: 99975
http://www.securityfocus.com/bid/99975
Debian Security Information: DSA-3986 (Google Search)
http://www.debian.org/security/2017/dsa-3986
https://security.gentoo.org/glsa/201811-12
Common Vulnerability Exposure (CVE) ID: CVE-2017-9726
BugTraq ID: 99992
http://www.securityfocus.com/bid/99992
Common Vulnerability Exposure (CVE) ID: CVE-2017-9727
BugTraq ID: 99999
http://www.securityfocus.com/bid/99999
Common Vulnerability Exposure (CVE) ID: CVE-2017-9739
BugTraq ID: 99987
http://www.securityfocus.com/bid/99987
Common Vulnerability Exposure (CVE) ID: CVE-2017-9612
BugTraq ID: 99979
http://www.securityfocus.com/bid/99979
Common Vulnerability Exposure (CVE) ID: CVE-2017-9835
BugTraq ID: 99991
http://www.securityfocus.com/bid/99991

Copyright Copyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.843765
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu Update for ghostscript USN-3403-1
Zusammenfassung:	The remote host is missing an update for the 'ghostscript'; package(s) announced via the USN-3403-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'ghostscript' package(s) announced via the USN-3403-1 advisory. Vulnerability Insight: Kamil Frankowicz discovered that Ghostscript mishandles references. A remote attacker could use this to cause a denial of service. (CVE-2017-11714) Kim Gwan Yeong discovered that Ghostscript could allow a heap-based buffer over-read and application crash. A remote attacker could use a crafted document to cause a denial of service. (CVE-2017-9611, CVE-2017-9726, CVE-2017-9727, CVE-2017-9739) Kim Gwan Yeong discovered an use-after-free vulnerability in Ghostscript. A remote attacker could use a crafted file to cause a denial of service. (CVE-2017-9612) Kim Gwan Yeong discovered a lack of integer overflow check in Ghostscript. A remote attacker could use crafted PostScript document to cause a denial of service. (CVE-2017-9835) Affected Software/OS: ghostscript on Ubuntu 17.04, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-9611 BugTraq ID: 99975 http://www.securityfocus.com/bid/99975 Debian Security Information: DSA-3986 (Google Search) http://www.debian.org/security/2017/dsa-3986 https://security.gentoo.org/glsa/201811-12 Common Vulnerability Exposure (CVE) ID: CVE-2017-9726 BugTraq ID: 99992 http://www.securityfocus.com/bid/99992 Common Vulnerability Exposure (CVE) ID: CVE-2017-9727 BugTraq ID: 99999 http://www.securityfocus.com/bid/99999 Common Vulnerability Exposure (CVE) ID: CVE-2017-9739 BugTraq ID: 99987 http://www.securityfocus.com/bid/99987 Common Vulnerability Exposure (CVE) ID: CVE-2017-9612 BugTraq ID: 99979 http://www.securityfocus.com/bid/99979 Common Vulnerability Exposure (CVE) ID: CVE-2017-9835 BugTraq ID: 99991 http://www.securityfocus.com/bid/99991
Copyright	Copyright (C) 2018 Greenbone Networks GmbH