 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.831744 |
| Categoría: | Mandrake Local Security Checks |
| Título: | Mandriva Update for ghostscript MDVSA-2012:151-1 (ghostscript) |
| Resumen: | The remote host is missing an update for the 'ghostscript'; package(s) announced via the referenced advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'ghostscript' package(s) announced via the referenced advisory. Vulnerability Insight: A security issue was identified and fixed in ghostscript: An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially-crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript (CVE-2012-4405). The updated packages have been patched to correct this issue. Update: Packages for Mandriva Linux 2011 is being provided. Affected Software/OS: ghostscript on Mandriva Linux 2011.0 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-4405 1027517 http://www.securitytracker.com/id?1027517 50719 http://secunia.com/advisories/50719 55494 http://www.securityfocus.com/bid/55494 GLSA-201412-17 http://security.gentoo.org/glsa/glsa-201412-17.xml MDVSA-2012:151 http://www.mandriva.com/security/advisories?name=MDVSA-2012:151 MDVSA-2013:089 http://www.mandriva.com/security/advisories?name=MDVSA-2013:089 MDVSA-2013:090 http://www.mandriva.com/security/advisories?name=MDVSA-2013:090 RHSA-2012:1256 http://rhn.redhat.com/errata/RHSA-2012-1256.html SUSE-SU-2012:1222 http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00031.html USN-1581-1 http://www.ubuntu.com/usn/USN-1581-1 [oss-security] 20120911 CVE-2012-4405 ghostscript, argyllcms: Array index error leading to heap-based bufer OOB write http://www.openwall.com/lists/oss-security/2012/09/11/2 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0301 icclib-pdf-bo(78411) https://exchange.xforce.ibmcloud.com/vulnerabilities/78411 openSUSE-SU-2012:1289 http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00001.html openSUSE-SU-2012:1290 http://lists.opensuse.org/opensuse-updates/2012-10/msg00015.html |
| Copyright | Copyright (C) 2012 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |