Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2012:054 (libtiff)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72036

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2012:054 (libtiff)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to libtiff
announced via advisory MDVSA-2012:054.

A vulnerability has been found and corrected in libtiff:

An integer overflow was discovered in the libtiff/tiff_getimage.c
file in the tiff library which could cause execution of arbitrary
code using a specially crafted TIFF image file (CVE-2012-1173).

The updated packages have been patched to correct this issue.

Affected: 2010.1, 2011., Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:054

Risk factor : High

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-1173
1026895
http://www.securitytracker.com/id?1026895
48684
http://secunia.com/advisories/48684
48722
http://secunia.com/advisories/48722
48735
http://secunia.com/advisories/48735
48757
http://secunia.com/advisories/48757
48893
http://secunia.com/advisories/48893
50726
http://secunia.com/advisories/50726
52891
http://www.securityfocus.com/bid/52891
81025
http://www.osvdb.org/81025
APPLE-SA-2012-09-19-1
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
APPLE-SA-2012-09-19-2
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
DSA-2447
http://www.debian.org/security/2012/dsa-2447
FEDORA-2012-5406
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078403.html
FEDORA-2012-5410
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078835.html
FEDORA-2012-5463
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077463.html
GLSA-201209-02
http://security.gentoo.org/glsa/glsa-201209-02.xml
MDVSA-2012:054
http://www.mandriva.com/security/advisories?name=MDVSA-2012:054
RHSA-2012:0468
http://rhn.redhat.com/errata/RHSA-2012-0468.html
USN-1416-1
http://ubuntu.com/usn/usn-1416-1
http://bugzilla.maptools.org/attachment.cgi?id=477&action=diff
http://bugzilla.maptools.org/show_bug.cgi?id=2369
http://home.gdal.org/private/zdi-can-1221/zdi-can-1221.txt
http://support.apple.com/kb/HT5501
http://support.apple.com/kb/HT5503
https://downloads.avaya.com/css/P8/documents/100161772
libtiff-gttileseparate-bo(74656)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74656
openSUSE-SU-2012:0539
https://hermes.opensuse.org/messages/14302713

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72036
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2012:054 (libtiff)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to libtiff announced via advisory MDVSA-2012:054. A vulnerability has been found and corrected in libtiff: An integer overflow was discovered in the libtiff/tiff_getimage.c file in the tiff library which could cause execution of arbitrary code using a specially crafted TIFF image file (CVE-2012-1173). The updated packages have been patched to correct this issue. Affected: 2010.1, 2011., Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:054 Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1173 1026895 http://www.securitytracker.com/id?1026895 48684 http://secunia.com/advisories/48684 48722 http://secunia.com/advisories/48722 48735 http://secunia.com/advisories/48735 48757 http://secunia.com/advisories/48757 48893 http://secunia.com/advisories/48893 50726 http://secunia.com/advisories/50726 52891 http://www.securityfocus.com/bid/52891 81025 http://www.osvdb.org/81025 APPLE-SA-2012-09-19-1 http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html APPLE-SA-2012-09-19-2 http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html DSA-2447 http://www.debian.org/security/2012/dsa-2447 FEDORA-2012-5406 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078403.html FEDORA-2012-5410 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078835.html FEDORA-2012-5463 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077463.html GLSA-201209-02 http://security.gentoo.org/glsa/glsa-201209-02.xml MDVSA-2012:054 http://www.mandriva.com/security/advisories?name=MDVSA-2012:054 RHSA-2012:0468 http://rhn.redhat.com/errata/RHSA-2012-0468.html USN-1416-1 http://ubuntu.com/usn/usn-1416-1 http://bugzilla.maptools.org/attachment.cgi?id=477&action=diff http://bugzilla.maptools.org/show_bug.cgi?id=2369 http://home.gdal.org/private/zdi-can-1221/zdi-can-1221.txt http://support.apple.com/kb/HT5501 http://support.apple.com/kb/HT5503 https://downloads.avaya.com/css/P8/documents/100161772 libtiff-gttileseparate-bo(74656) https://exchange.xforce.ibmcloud.com/vulnerabilities/74656 openSUSE-SU-2012:0539 https://hermes.opensuse.org/messages/14302713
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com