English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.851480
Kategorie:SuSE Local Security Checks
Titel:openSUSE: Security Advisory for openjpeg2 (openSUSE-SU-2017:0207-1)
Zusammenfassung:The remote host is missing an update for the 'openjpeg2'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'openjpeg2'
package(s) announced via the referenced advisory.

Vulnerability Insight:
This update for openjpeg2 fixes the following issues:

* CVE-2016-9572 CVE-2016-9573: Insuficient check in imagetopnm() could
lead to heap buffer overflow [bsc#1014543]

* CVE-2016-9580, CVE-2016-9581: Possible Heap buffer overflow via integer
overflow and infite loop [bsc#1014975]

* CVE-2016-7445: Null pointer dereference in convert.c could lead to crash
[bsc#999817]

* CVE-2016-8332: Malicious file in OpenJPEG JPEG2000 format could lead to
code execution [bsc#1002414]

* CVE-2016-9112: FPE(Floating Point Exception) in lib/openjp2/pi.c:523
[bsc#1007747]

* CVE-2016-9113: NULL point dereference in function imagetobmp of
convertbmp.c could lead to crash [bsc#1007739]

* CVE-2016-9114: NULL Pointer Access in function imagetopnm of
convert.c:1943(jp2) could lead to crash [bsc#1007740]

* CVE-2016-9115: Heap Buffer Overflow in function imagetotga of
convert.c(jp2) [bsc#1007741]

* CVE-2016-9116: NULL Pointer Access in function imagetopnm of
convert.c:2226(jp2) [bsc#1007742]

* CVE-2016-9117: NULL Pointer Access in function imagetopnm of
convert.c(jp2):1289 [bsc#1007743]

* CVE-2016-9118: Heap Buffer Overflow in function pnmtoimage of convert.c
[bsc#1007744]

Affected Software/OS:
openjpeg2 on openSUSE Leap 42.1

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-7445
BugTraq ID: 93040
http://www.securityfocus.com/bid/93040
https://security.gentoo.org/glsa/201612-26
http://www.openwall.com/lists/oss-security/2016/09/18/4
http://www.openwall.com/lists/oss-security/2016/09/18/6
SuSE Security Announcement: openSUSE-SU-2016:2424 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-09/msg00109.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8332
BugTraq ID: 93242
http://www.securityfocus.com/bid/93242
Debian Security Information: DSA-3768 (Google Search)
http://www.debian.org/security/2017/dsa-3768
http://www.talosintelligence.com/reports/TALOS-2016-0193/
https://github.com/uclouvain/openjpeg/releases/tag/v2.1.2
https://www.oracle.com/security-alerts/cpujul2020.html
http://www.securitytracker.com/id/1038623
Common Vulnerability Exposure (CVE) ID: CVE-2016-9112
BugTraq ID: 93978
http://www.securityfocus.com/bid/93978
https://security.gentoo.org/glsa/201710-26
https://github.com/uclouvain/openjpeg/issues/855
https://lists.debian.org/debian-lts-announce/2019/07/msg00010.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9113
BugTraq ID: 93980
http://www.securityfocus.com/bid/93980
https://github.com/uclouvain/openjpeg/issues/856
Common Vulnerability Exposure (CVE) ID: CVE-2016-9114
BugTraq ID: 93979
http://www.securityfocus.com/bid/93979
https://github.com/uclouvain/openjpeg/issues/857
Common Vulnerability Exposure (CVE) ID: CVE-2016-9115
BugTraq ID: 93977
http://www.securityfocus.com/bid/93977
https://github.com/uclouvain/openjpeg/issues/858
Common Vulnerability Exposure (CVE) ID: CVE-2016-9116
BugTraq ID: 93975
http://www.securityfocus.com/bid/93975
https://github.com/uclouvain/openjpeg/issues/859
Common Vulnerability Exposure (CVE) ID: CVE-2016-9117
BugTraq ID: 93783
http://www.securityfocus.com/bid/93783
https://github.com/uclouvain/openjpeg/issues/860
Common Vulnerability Exposure (CVE) ID: CVE-2016-9118
BugTraq ID: 93976
http://www.securityfocus.com/bid/93976
Debian Security Information: DSA-4013 (Google Search)
http://www.debian.org/security/2017/dsa-4013
https://github.com/uclouvain/openjpeg/issues/861
Common Vulnerability Exposure (CVE) ID: CVE-2016-9572
BugTraq ID: 109233
http://www.securityfocus.com/bid/109233
https://www.debian.org/security/2017/dsa-3768
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9573
BugTraq ID: 97073
http://www.securityfocus.com/bid/97073
RedHat Security Advisories: RHSA-2017:0838
http://rhn.redhat.com/errata/RHSA-2017-0838.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9580
BugTraq ID: 94822
http://www.securityfocus.com/bid/94822
Common Vulnerability Exposure (CVE) ID: CVE-2016-9581
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.