 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.4.2018.2977.1 |
| Categoría: | SuSE Local Security Checks |
| Título: | SUSE: Security Advisory (SUSE-SU-2018:2977-1) |
| Resumen: | The remote host is missing an update for the 'ImageMagick' package(s) announced via the SUSE-SU-2018:2977-1 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'ImageMagick' package(s) announced via the SUSE-SU-2018:2977-1 advisory. Vulnerability Insight: This update for ImageMagick fixes the following security issues: CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel function leading to DoS (bsc#1106989) CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS (bsc#1106858). CVE-2018-16328: Prevent NULL pointer dereference exists in the CheckEventLogging function leading to DoS (bsc#1106857). CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM file that has a negative pixel value. If the affected code was used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data (bsc#1106855) CVE-2018-16642: The function InsertRow allowed remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write (bsc#1107616) CVE-2018-16640: Prevent memory leak in the function ReadOneJNGImage (bsc#1107619) CVE-2018-16641: Prevent memory leak in the TIFFWritePhotoshopLayers function (bsc#1107618). CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and ReadPICTImage did check the return value of the fputc function, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107612) CVE-2018-16644: Added missing check for length in the functions ReadDCMImage and ReadPICTImage, which allowed remote attackers to cause a denial of service via a crafted image (bsc#1107609) CVE-2018-16645: Prevent excessive memory allocation issue in the functions ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107604) Affected Software/OS: 'ImageMagick' package(s) on SUSE Linux Enterprise Module for Desktop Applications 15, SUSE Linux Enterprise Module for Development Tools 15. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-16323 Common Vulnerability Exposure (CVE) ID: CVE-2018-16328 Common Vulnerability Exposure (CVE) ID: CVE-2018-16329 Common Vulnerability Exposure (CVE) ID: CVE-2018-16413 Common Vulnerability Exposure (CVE) ID: CVE-2018-16640 Common Vulnerability Exposure (CVE) ID: CVE-2018-16641 Common Vulnerability Exposure (CVE) ID: CVE-2018-16642 Common Vulnerability Exposure (CVE) ID: CVE-2018-16643 Common Vulnerability Exposure (CVE) ID: CVE-2018-16644 Common Vulnerability Exposure (CVE) ID: CVE-2018-16645 |
| Copyright | Copyright (C) 2021 Greenbone Networks GmbH |
| Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |