
Test ID: 1.3.6.1.4.1.25623.1.0.891882
Category: Debian Local Security Checks
Title: Debian LTS: Security Advisory for atril (DLA-1882-1)
Summary: The remote host is missing an update for the 'atril' package(s) announced via the DLA-1882-1 advisory.
Description:
Summary:
The remote host is missing an update for the 'atril'
package(s) announced via the DLA-1882-1 advisory.

Vulnerability Insight:
A few issues were found in Atril, the MATE document viewer.

CVE-2017-1000159

When printing from DVI to PDF, the dvipdfm tool was called without
properly sanitizing the filename, which could lead to a command
injection attack via the filename.

CVE-2019-11459

The tiff_document_render() and tiff_document_get_thumbnail() functions
did not check the status of TIFFReadRGBAImageOriented(), leading to
uninitialized memory access if that function fails.

CVE-2019-1010006

Some buffer overflow checks were not properly done, leading to
application crash or possibly arbitrary code execution when
opening maliciously crafted files.

Affected Software/OS:
'atril' package(s) on Debian Linux.

Solution:
For Debian 8 'Jessie', these problems have been fixed in version
1.8.1+dfsg1-4+deb8u2.

We recommend that you upgrade your atril packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2017-1000159
Common Vulnerability Exposure (CVE) ID: CVE-2019-1010006
Common Vulnerability Exposure (CVE) ID: CVE-2019-11459
Copyright: Copyright (C) 2019 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.