Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200812-18 (jasper)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.62967

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200812-18 (jasper)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory GLSA 200812-18.

Multiple memory management errors in JasPer might lead to execution of
arbitrary code via jpeg2k files.

Solution:
All JasPer users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/jasper-1.900.1-r3'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200812-18
http://bugs.gentoo.org/show_bug.cgi?id=222819

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-3520
BugTraq ID: 31470
http://www.securityfocus.com/bid/31470
http://security.gentoo.org/glsa/glsa-200812-18.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:142
http://www.mandriva.com/security/advisories?name=MDVSA-2009:144
http://www.mandriva.com/security/advisories?name=MDVSA-2009:164
http://bugs.gentoo.org/show_bug.cgi?id=222819
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10141
http://www.redhat.com/support/errata/RHSA-2009-0012.html
RedHat Security Advisories: RHSA-2015:0698
http://rhn.redhat.com/errata/RHSA-2015-0698.html
http://secunia.com/advisories/33173
http://secunia.com/advisories/34391
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606
http://www.ubuntu.com/usn/USN-742-1
XForce ISS Database: jasper-image-file-bo(45621)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45621
Common Vulnerability Exposure (CVE) ID: CVE-2008-3522
http://bugs.gentoo.org/attachment.cgi?id=163282&action=view
XForce ISS Database: jasper-jasstreamprintf-bo(45623)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45623

Copyright Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.62967
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200812-18 (jasper)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory GLSA 200812-18. Multiple memory management errors in JasPer might lead to execution of arbitrary code via jpeg2k files. Solution: All JasPer users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/jasper-1.900.1-r3' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200812-18 http://bugs.gentoo.org/show_bug.cgi?id=222819 CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3520 BugTraq ID: 31470 http://www.securityfocus.com/bid/31470 http://security.gentoo.org/glsa/glsa-200812-18.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:142 http://www.mandriva.com/security/advisories?name=MDVSA-2009:144 http://www.mandriva.com/security/advisories?name=MDVSA-2009:164 http://bugs.gentoo.org/show_bug.cgi?id=222819 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10141 http://www.redhat.com/support/errata/RHSA-2009-0012.html RedHat Security Advisories: RHSA-2015:0698 http://rhn.redhat.com/errata/RHSA-2015-0698.html http://secunia.com/advisories/33173 http://secunia.com/advisories/34391 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606 http://www.ubuntu.com/usn/USN-742-1 XForce ISS Database: jasper-image-file-bo(45621) https://exchange.xforce.ibmcloud.com/vulnerabilities/45621 Common Vulnerability Exposure (CVE) ID: CVE-2008-3522 http://bugs.gentoo.org/attachment.cgi?id=163282&action=view XForce ISS Database: jasper-jasstreamprintf-bo(45623) https://exchange.xforce.ibmcloud.com/vulnerabilities/45623
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com