ID de Prueba:	1.3.6.1.4.1.25623.1.0.851467
Categoría:	SuSE Local Security Checks
Título:	openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2017:0023-1)
Resumen:	The remote host is missing an update for the 'ImageMagick'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'ImageMagick' package(s) announced via the referenced advisory. Vulnerability Insight: This update for ImageMagick fixes the following issues: * CVE-2016-9556 Possible Heap-overflow found by fuzzing [bsc#1011130] * CVE-2016-9559 Possible Null pointer access found by fuzzing [bsc#1011136] * CVE-2016-8707 Possible code execution in Tiff convert utility [bsc#1014159] * CVE-2016-8866 Memory allocation failure in AcquireMagickMemory could lead to Heap overflow [bsc#1009318] * CVE-2016-9559 Possible Null pointer access found by fuzzing [bsc#1011136] This update was imported from the SUSE:SLE-12:Update update project. Affected Software/OS: ImageMagick on openSUSE Leap 42.1 Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9848 http://www.openwall.com/lists/oss-security/2016/06/02/13 SuSE Security Announcement: SUSE-SU-2016:1784 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00011.html SuSE Security Announcement: SUSE-SU-2016:3258 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00093.html SuSE Security Announcement: openSUSE-SU-2016:1748 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00002.html SuSE Security Announcement: openSUSE-SU-2016:1833 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00018.html SuSE Security Announcement: openSUSE-SU-2017:0023 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html http://www.ubuntu.com/usn/USN-3131-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-8707 BugTraq ID: 94727 http://www.securityfocus.com/bid/94727 Debian Security Information: DSA-3799 (Google Search) http://www.debian.org/security/2017/dsa-3799 http://www.talosintelligence.com/reports/TALOS-2016-0216/ Common Vulnerability Exposure (CVE) ID: CVE-2016-8866 https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/ http://www.openwall.com/lists/oss-security/2016/10/20/3 http://www.openwall.com/lists/oss-security/2016/10/21/5 SuSE Security Announcement: openSUSE-SU-2016:3233 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00085.html SuSE Security Announcement: openSUSE-SU-2016:3238 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-12/msg00141.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9556 BugTraq ID: 94492 http://www.securityfocus.com/bid/94492 Debian Security Information: DSA-3726 (Google Search) http://www.debian.org/security/2016/dsa-3726 https://blogs.gentoo.org/ago/2016/11/19/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h http://www.openwall.com/lists/oss-security/2016/11/23/1 http://www.openwall.com/lists/oss-security/2016/12/01/4 http://www.openwall.com/lists/oss-security/2016/12/02/12 SuSE Security Announcement: openSUSE-SU-2016:3024 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-12/msg00040.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9559 BugTraq ID: 94489 http://www.securityfocus.com/bid/94489 https://blogs.gentoo.org/ago/2016/11/19/imagemagick-null-pointer-must-never-be-null-tiff-c/ http://www.openwall.com/lists/oss-security/2016/11/19/7 http://www.openwall.com/lists/oss-security/2016/11/23/4 Common Vulnerability Exposure (CVE) ID: CVE-2016-9773 https://blogs.gentoo.org/ago/2016/12/01/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h-incomplete-fix-for-cve-2016-9556/ http://www.openwall.com/lists/oss-security/2016/12/02/11
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.