Mandrake Local Security Checks : Mandriva Update for libtiff MDVSA-2012:184 (libtiff)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.831760

Kategorie: Mandrake Local Security Checks

Titel: Mandriva Update for libtiff MDVSA-2012:184 (libtiff)

Zusammenfassung: The remote host is missing an update for the 'libtiff'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'libtiff'
package(s) announced via the referenced advisory.

Vulnerability Insight:
A vulnerability was found and corrected in libtiff:

A stack-based buffer overflow was found in the way libtiff
handled DOTRANGE tags. An attacker could use this flaw to create
a specially-crafted TIFF file that, when opened, would cause an
application linked against libtiff to crash or, possibly, execute
arbitrary code (CVE-2012-5581).

The updated packages have been patched to correct this issue.

Affected Software/OS:
libtiff on Mandriva Linux 2011.0,
Mandriva Enterprise Server 5.2

Solution:
Please Install the Updated Packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2012-5581
BugTraq ID: 56715
http://www.securityfocus.com/bid/56715
Debian Security Information: DSA-2589 (Google Search)
http://www.debian.org/security/2012/dsa-2589
https://bugzilla.redhat.com/show_bug.cgi?id=867235
http://www.openwall.com/lists/oss-security/2012/11/28/1
RedHat Security Advisories: RHSA-2012:1590
http://rhn.redhat.com/errata/RHSA-2012-1590.html
http://secunia.com/advisories/51491
SuSE Security Announcement: openSUSE-SU-2013:0187 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-01/msg00076.html
http://www.ubuntu.com/usn/USN-1655-1
XForce ISS Database: libtiff-dotrange-bo(80339)
https://exchange.xforce.ibmcloud.com/vulnerabilities/80339

Copyright Copyright (c) 2012 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.831760
Kategorie:	Mandrake Local Security Checks
Titel:	Mandriva Update for libtiff MDVSA-2012:184 (libtiff)
Zusammenfassung:	The remote host is missing an update for the 'libtiff'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libtiff' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability was found and corrected in libtiff: A stack-based buffer overflow was found in the way libtiff handled DOTRANGE tags. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code (CVE-2012-5581). The updated packages have been patched to correct this issue. Affected Software/OS: libtiff on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2 Solution: Please Install the Updated Packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-5581 BugTraq ID: 56715 http://www.securityfocus.com/bid/56715 Debian Security Information: DSA-2589 (Google Search) http://www.debian.org/security/2012/dsa-2589 https://bugzilla.redhat.com/show_bug.cgi?id=867235 http://www.openwall.com/lists/oss-security/2012/11/28/1 RedHat Security Advisories: RHSA-2012:1590 http://rhn.redhat.com/errata/RHSA-2012-1590.html http://secunia.com/advisories/51491 SuSE Security Announcement: openSUSE-SU-2013:0187 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-01/msg00076.html http://www.ubuntu.com/usn/USN-1655-1 XForce ISS Database: libtiff-dotrange-bo(80339) https://exchange.xforce.ibmcloud.com/vulnerabilities/80339
Copyright	Copyright (c) 2012 Greenbone Networks GmbH