Test Kennung:	1.3.6.1.4.1.25623.1.0.851460
Kategorie:	SuSE Local Security Checks
Titel:	openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2016:3233-1)
Zusammenfassung:	The remote host is missing an update for the 'ImageMagick'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'ImageMagick' package(s) announced via the referenced advisory. Vulnerability Insight: This security update for ImageMagick fixes the following issues: - a maliciously crafted compressed TIFF image could cause code remote code execution in the convert utility in particular circumstances (CVE-2016-8707, boo#1014159) - a memory allocation failure was fixed (CVE-2016-8866, boo#1009318, follow up on CVE-2016-8862) - the identify utility could crash on maliciously crafted images (CVE-2016-9773, boo#1013376, follow up on CVE-2016-9556) Affected Software/OS: ImageMagick on openSUSE 13.2 Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-8707 BugTraq ID: 94727 http://www.securityfocus.com/bid/94727 Debian Security Information: DSA-3799 (Google Search) http://www.debian.org/security/2017/dsa-3799 http://www.talosintelligence.com/reports/TALOS-2016-0216/ Common Vulnerability Exposure (CVE) ID: CVE-2016-8862 BugTraq ID: 93794 http://www.securityfocus.com/bid/93794 Debian Security Information: DSA-3726 (Google Search) http://www.debian.org/security/2016/dsa-3726 https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/ http://www.openwall.com/lists/oss-security/2016/10/20/2 http://www.openwall.com/lists/oss-security/2016/10/20/3 Common Vulnerability Exposure (CVE) ID: CVE-2016-8866 https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/ http://www.openwall.com/lists/oss-security/2016/10/21/5 SuSE Security Announcement: openSUSE-SU-2016:3233 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00085.html SuSE Security Announcement: openSUSE-SU-2016:3238 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-12/msg00141.html SuSE Security Announcement: openSUSE-SU-2017:0023 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00006.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9556 BugTraq ID: 94492 http://www.securityfocus.com/bid/94492 https://blogs.gentoo.org/ago/2016/11/19/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h http://www.openwall.com/lists/oss-security/2016/11/23/1 http://www.openwall.com/lists/oss-security/2016/12/01/4 http://www.openwall.com/lists/oss-security/2016/12/02/12 SuSE Security Announcement: openSUSE-SU-2016:3024 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-12/msg00040.html Common Vulnerability Exposure (CVE) ID: CVE-2016-9773 https://blogs.gentoo.org/ago/2016/12/01/imagemagick-heap-based-buffer-overflow-in-ispixelgray-pixel-accessor-h-incomplete-fix-for-cve-2016-9556/ http://www.openwall.com/lists/oss-security/2016/12/02/11
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.