Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2012-0301)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123974

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2012-0301)

Resumen: The remote host is missing an update for the 'ImageMagick' package(s) announced via the ELSA-2012-0301 advisory.

Descripción: Summary:
The remote host is missing an update for the 'ImageMagick' package(s) announced via the ELSA-2012-0301 advisory.

Vulnerability Insight:
[6.2.8.0-12.el5]
- Add fix for CVE-2010-4167 (767142)

[6.2.8.0-11.el5]
Fix assertion failed when using 'identify -verbose' when there's no
image information available (502626)

[6.2.8.0-10.el5]
Fix memory allocation failure when using color option (616538)
Fix hang when converting broken GIF (693989)
Fix conversion of rotated landscape PDF (694922)

[6.2.8.0-9.el5]
Fix a deadlock with semaphore (530592)

[6.2.8.0-8.el5]
- Fix page size argument parsing (580535)

[6.2.8.0-7.el5]
- Fix SGI image decoding (498063)

[6.2.8.0-6.el5]
- Add fix for CVE-2009-1882 (504305)

[6.2.8.0-5.el5]
- update quantum memory patch (necessary for CVE fixes)
- backport functionality for SetImageExtent (necessary for CVE fixes)
- Add patch for CVE-2008-1096 (#286411)
- Add patch for CVE-2008-1097 (#285861)
- update patch for CVE-2007-4986

Affected Software/OS:
'ImageMagick' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-4167
42497
http://secunia.com/advisories/42497
42744
http://secunia.com/advisories/42744
45044
http://www.securityfocus.com/bid/45044
48100
http://secunia.com/advisories/48100
49063
http://secunia.com/advisories/49063
ADV-2010-3150
http://www.vupen.com/english/advisories/2010/3150
ADV-2010-3322
http://www.vupen.com/english/advisories/2010/3322
FEDORA-2010-19025
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052515.html
FEDORA-2010-19056
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052599.html
RHSA-2012:0544
http://rhn.redhat.com/errata/RHSA-2012-0544.html
USN-1028-1
http://www.ubuntu.com/usn/USN-1028-1
[oss-security] 20101112 CVE request: ImageMagick opens config files in $CWD
http://www.openwall.com/lists/oss-security/2010/11/13/1
[oss-security] 20101115 Re: CVE request: ImageMagick opens config files in $CWD
http://www.openwall.com/lists/oss-security/2010/11/15/3
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824
http://www.imagemagick.org/script/changelog.php
https://bugzilla.redhat.com/show_bug.cgi?id=652860

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123974
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2012-0301)
Resumen:	The remote host is missing an update for the 'ImageMagick' package(s) announced via the ELSA-2012-0301 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ImageMagick' package(s) announced via the ELSA-2012-0301 advisory. Vulnerability Insight: [6.2.8.0-12.el5] - Add fix for CVE-2010-4167 (767142) [6.2.8.0-11.el5] Fix assertion failed when using 'identify -verbose' when there's no image information available (502626) [6.2.8.0-10.el5] Fix memory allocation failure when using color option (616538) Fix hang when converting broken GIF (693989) Fix conversion of rotated landscape PDF (694922) [6.2.8.0-9.el5] Fix a deadlock with semaphore (530592) [6.2.8.0-8.el5] - Fix page size argument parsing (580535) [6.2.8.0-7.el5] - Fix SGI image decoding (498063) [6.2.8.0-6.el5] - Add fix for CVE-2009-1882 (504305) [6.2.8.0-5.el5] - update quantum memory patch (necessary for CVE fixes) - backport functionality for SetImageExtent (necessary for CVE fixes) - Add patch for CVE-2008-1096 (#286411) - Add patch for CVE-2008-1097 (#285861) - update patch for CVE-2007-4986 Affected Software/OS: 'ImageMagick' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4167 42497 http://secunia.com/advisories/42497 42744 http://secunia.com/advisories/42744 45044 http://www.securityfocus.com/bid/45044 48100 http://secunia.com/advisories/48100 49063 http://secunia.com/advisories/49063 ADV-2010-3150 http://www.vupen.com/english/advisories/2010/3150 ADV-2010-3322 http://www.vupen.com/english/advisories/2010/3322 FEDORA-2010-19025 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052515.html FEDORA-2010-19056 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052599.html RHSA-2012:0544 http://rhn.redhat.com/errata/RHSA-2012-0544.html USN-1028-1 http://www.ubuntu.com/usn/USN-1028-1 [oss-security] 20101112 CVE request: ImageMagick opens config files in $CWD http://www.openwall.com/lists/oss-security/2010/11/13/1 [oss-security] 20101115 Re: CVE request: ImageMagick opens config files in $CWD http://www.openwall.com/lists/oss-security/2010/11/15/3 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601824 http://www.imagemagick.org/script/changelog.php https://bugzilla.redhat.com/show_bug.cgi?id=652860
Copyright	Copyright (C) 2015 Greenbone AG