Test ID:	1.3.6.1.4.1.25623.1.0.831709
Category:	Mandrake Local Security Checks
Title:	Mandriva Update for libjpeg-turbo MDVSA-2012:121 (libjpeg-turbo)
Summary:	The remote host is missing an update for the 'libjpeg-turbo'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'libjpeg-turbo' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been discovered and corrected in libjpeg-turbo: A Heap-based buffer overflow was found in the way libjpeg-turbo decompressed certain corrupt JPEG images in which the component count was erroneously set to a large value. An attacker could create a specially-crafted JPEG image that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2012-2806). The updated packages have been patched to correct this issue. Affected Software/OS: libjpeg-turbo on Mandriva Linux 2011.0 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2806 BugTraq ID: 54480 http://www.securityfocus.com/bid/54480 http://security.gentoo.org/glsa/glsa-201209-13.xml http://www.mandriva.com/security/advisories?name=MDVSA-2012:121 https://bugzilla.mozilla.org/show_bug.cgi?id=759802 https://bugzilla.redhat.com/show_bug.cgi?id=826849 http://www.openwall.com/lists/oss-security/2012/07/17/3 http://osvdb.org/84040 http://secunia.com/advisories/49883 http://secunia.com/advisories/50753 XForce ISS Database: libjpegturbo-getsos-bo(76952) https://exchange.xforce.ibmcloud.com/vulnerabilities/76952
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.