Mandrake Local Security Checks : Mandriva Update for imagemagick MDVSA-2012:160 (imagemagick)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.831741

Categoría: Mandrake Local Security Checks

Título: Mandriva Update for imagemagick MDVSA-2012:160 (imagemagick)

Resumen: The remote host is missing an update for the 'imagemagick'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'imagemagick'
package(s) announced via the referenced advisory.

Vulnerability Insight:
A vulnerability has been found and corrected in imagemagick:

The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8-6
does not use the proper variable type for the allocation size, which
might allow remote attackers to cause a denial of service (crash)
via a crafted PNG file that triggers incorrect memory allocation
(CVE-2012-3437).

The updated packages have been patched to correct this issue.

Affected Software/OS:
imagemagick on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2

Solution:
Please Install the Updated Packages.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-3437
1027321
http://www.securitytracker.com/id?1027321
50091
http://secunia.com/advisories/50091
50398
http://secunia.com/advisories/50398
54714
http://www.securityfocus.com/bid/54714
MDVSA-2012:160
http://www.mandriva.com/security/advisories?name=MDVSA-2012:160
MDVSA-2013:092
http://www.mandriva.com/security/advisories?name=MDVSA-2013:092
USN-1544-1
http://www.ubuntu.com/usn/USN-1544-1
https://bugzilla.redhat.com/show_bug.cgi?id=844101
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243
imagemagick-png-dos(77260)
https://exchange.xforce.ibmcloud.com/vulnerabilities/77260
openSUSE-SU-2013:0535
http://lists.opensuse.org/opensuse-updates/2013-03/msg00101.html

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.831741
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for imagemagick MDVSA-2012:160 (imagemagick)
Resumen:	The remote host is missing an update for the 'imagemagick'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'imagemagick' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been found and corrected in imagemagick: The Magick_png_malloc function in coders/png.c in ImageMagick 6.7.8-6 does not use the proper variable type for the allocation size, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG file that triggers incorrect memory allocation (CVE-2012-3437). The updated packages have been patched to correct this issue. Affected Software/OS: imagemagick on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2 Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3437 1027321 http://www.securitytracker.com/id?1027321 50091 http://secunia.com/advisories/50091 50398 http://secunia.com/advisories/50398 54714 http://www.securityfocus.com/bid/54714 MDVSA-2012:160 http://www.mandriva.com/security/advisories?name=MDVSA-2012:160 MDVSA-2013:092 http://www.mandriva.com/security/advisories?name=MDVSA-2013:092 USN-1544-1 http://www.ubuntu.com/usn/USN-1544-1 https://bugzilla.redhat.com/show_bug.cgi?id=844101 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243 imagemagick-png-dos(77260) https://exchange.xforce.ibmcloud.com/vulnerabilities/77260 openSUSE-SU-2013:0535 http://lists.opensuse.org/opensuse-updates/2013-03/msg00101.html
Copyright	Copyright (C) 2012 Greenbone AG