Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.1.2.2020.1053 |
Categoría: | Huawei EulerOS Local Security Checks |
Título: | Huawei EulerOS: Security Advisory for jasper (EulerOS-SA-2020-1053) |
Resumen: | The remote host is missing an update for the Huawei EulerOS 'jasper' package(s) announced via the EulerOS-SA-2020-1053 advisory. |
Descripción: | Summary: The remote host is missing an update for the Huawei EulerOS 'jasper' package(s) announced via the EulerOS-SA-2020-1053 advisory. Vulnerability Insight: JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.(CVE-2018-9055) An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2_decode in libjasper/jp2/jp2_dec.c, leading to a denial of service.(CVE-2018-19542) An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.(CVE-2018-19539) JasPer 2.0.13 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jas_image_ishomosamp function in libjasper/base/jas_image.c.(CVE-2017-14132) There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.(CVE-2017-13748) Affected Software/OS: 'jasper' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.5.0. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-9055 BugTraq ID: 103577 http://www.securityfocus.com/bid/103577 https://security.gentoo.org/glsa/201908-03 https://github.com/mdadams/jasper/issues/172 https://www.oracle.com/security-alerts/cpuapr2020.html |
Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |