Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2012:054 (libtiff)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72036

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2012:054 (libtiff)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to libtiff
announced via advisory MDVSA-2012:054.

A vulnerability has been found and corrected in libtiff:

An integer overflow was discovered in the libtiff/tiff_getimage.c
file in the tiff library which could cause execution of arbitrary
code using a specially crafted TIFF image file (CVE-2012-1173).

The updated packages have been patched to correct this issue.

Affected: 2010.1, 2011., Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2012:054

Risk factor : High

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-1173
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
BugTraq ID: 52891
http://www.securityfocus.com/bid/52891
Debian Security Information: DSA-2447 (Google Search)
http://www.debian.org/security/2012/dsa-2447
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078403.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078835.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077463.html
http://security.gentoo.org/glsa/glsa-201209-02.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2012:054
http://bugzilla.maptools.org/attachment.cgi?id=477&action=diff
http://home.gdal.org/private/zdi-can-1221/zdi-can-1221.txt
http://www.osvdb.org/81025
RedHat Security Advisories: RHSA-2012:0468
http://rhn.redhat.com/errata/RHSA-2012-0468.html
http://www.securitytracker.com/id?1026895
http://secunia.com/advisories/48684
http://secunia.com/advisories/48722
http://secunia.com/advisories/48735
http://secunia.com/advisories/48757
http://secunia.com/advisories/48893
http://secunia.com/advisories/50726
SuSE Security Announcement: openSUSE-SU-2012:0539 (Google Search)
https://hermes.opensuse.org/messages/14302713
http://ubuntu.com/usn/usn-1416-1
XForce ISS Database: libtiff-gttileseparate-bo(74656)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74656

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72036
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2012:054 (libtiff)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to libtiff announced via advisory MDVSA-2012:054. A vulnerability has been found and corrected in libtiff: An integer overflow was discovered in the libtiff/tiff_getimage.c file in the tiff library which could cause execution of arbitrary code using a specially crafted TIFF image file (CVE-2012-1173). The updated packages have been patched to correct this issue. Affected: 2010.1, 2011., Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2012:054 Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1173 http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html BugTraq ID: 52891 http://www.securityfocus.com/bid/52891 Debian Security Information: DSA-2447 (Google Search) http://www.debian.org/security/2012/dsa-2447 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078403.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078835.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077463.html http://security.gentoo.org/glsa/glsa-201209-02.xml http://www.mandriva.com/security/advisories?name=MDVSA-2012:054 http://bugzilla.maptools.org/attachment.cgi?id=477&action=diff http://home.gdal.org/private/zdi-can-1221/zdi-can-1221.txt http://www.osvdb.org/81025 RedHat Security Advisories: RHSA-2012:0468 http://rhn.redhat.com/errata/RHSA-2012-0468.html http://www.securitytracker.com/id?1026895 http://secunia.com/advisories/48684 http://secunia.com/advisories/48722 http://secunia.com/advisories/48735 http://secunia.com/advisories/48757 http://secunia.com/advisories/48893 http://secunia.com/advisories/50726 SuSE Security Announcement: openSUSE-SU-2012:0539 (Google Search) https://hermes.opensuse.org/messages/14302713 http://ubuntu.com/usn/usn-1416-1 XForce ISS Database: libtiff-gttileseparate-bo(74656) https://exchange.xforce.ibmcloud.com/vulnerabilities/74656
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com