SuSE Local Security Checks : SUSE: Security Advisory (SUSE-SU-2013:0595-1)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.4.2013.0595.1

Kategorie: SuSE Local Security Checks

Titel: SUSE: Security Advisory (SUSE-SU-2013:0595-1)

Zusammenfassung: The remote host is missing an update for the 'poppler' package(s) announced via the SUSE-SU-2013:0595-1 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'poppler' package(s) announced via the SUSE-SU-2013:0595-1 advisory.

Vulnerability Insight:
This update of poppler fixes the following vulnerabilities:

* CVE-2013-1788: Various invalid memory issues could be used by attackers supplying PDFs to crash the PDF viewer or potentially execute code.
* CVE-2013-1789: A crash in poppler could be used by attackers providing PDFs to crash the PDF viewer.
* CVE-2013-1790: An uninitialized memory read could be used by attackers providing PDFs to crash the PDF viewer.

This also fixes that transparent background in images are rendered black with evince. (bnc#745620).

Security Issue references:

* CVE-2013-1788
>
* CVE-2013-1789
>
* CVE-2013-1790
>

Affected Software/OS:
'poppler' package(s) on SLE SDK 10 SP4, SUSE Linux Enterprise Desktop 10 SP4, SUSE Linux Enterprise Server 10 SP4.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-1788
Debian Security Information: DSA-2719 (Google Search)
http://www.debian.org/security/2013/dsa-2719
http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:143
http://j00ru.vexillium.org/?p=1507
http://www.openwall.com/lists/oss-security/2013/02/28/4
http://www.openwall.com/lists/oss-security/2013/02/28/8
http://secunia.com/advisories/52846
http://ubuntu.com/usn/usn-1785-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-1789
Common Vulnerability Exposure (CVE) ID: CVE-2013-1790

Copyright Copyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.4.2013.0595.1
Kategorie:	SuSE Local Security Checks
Titel:	SUSE: Security Advisory (SUSE-SU-2013:0595-1)
Zusammenfassung:	The remote host is missing an update for the 'poppler' package(s) announced via the SUSE-SU-2013:0595-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'poppler' package(s) announced via the SUSE-SU-2013:0595-1 advisory. Vulnerability Insight: This update of poppler fixes the following vulnerabilities: * CVE-2013-1788: Various invalid memory issues could be used by attackers supplying PDFs to crash the PDF viewer or potentially execute code. * CVE-2013-1789: A crash in poppler could be used by attackers providing PDFs to crash the PDF viewer. * CVE-2013-1790: An uninitialized memory read could be used by attackers providing PDFs to crash the PDF viewer. This also fixes that transparent background in images are rendered black with evince. (bnc#745620). Security Issue references: * CVE-2013-1788 > * CVE-2013-1789 > * CVE-2013-1790 > Affected Software/OS: 'poppler' package(s) on SLE SDK 10 SP4, SUSE Linux Enterprise Desktop 10 SP4, SUSE Linux Enterprise Server 10 SP4. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1788 Debian Security Information: DSA-2719 (Google Search) http://www.debian.org/security/2013/dsa-2719 http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:143 http://j00ru.vexillium.org/?p=1507 http://www.openwall.com/lists/oss-security/2013/02/28/4 http://www.openwall.com/lists/oss-security/2013/02/28/8 http://secunia.com/advisories/52846 http://ubuntu.com/usn/usn-1785-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-1789 Common Vulnerability Exposure (CVE) ID: CVE-2013-1790
Copyright	Copyright (C) 2021 Greenbone Networks GmbH