Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.871593
Kategorie:Red Hat Local Security Checks
Titel:RedHat Update for graphite2 RHSA-2016:0594-01
Zusammenfassung:The remote host is missing an update for the 'graphite2'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'graphite2'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Graphite2 is a project within SIL's Non-Roman
Script Initiative and Language Software Development groups to provide rendering
capabilities for complex non-Roman writing systems. Graphite can be used to create
'smart fonts' capable of displaying writing systems with various complex
behaviors. With respect to the Text Encoding Model, Graphite handles the
'Rendering' aspect of writing system implementation.

The following packages have been upgraded to a newer upstream version:
graphite2 (1.3.6).

Security Fix(es):

* Various vulnerabilities have been discovered in Graphite2. An attacker
able to trick an unsuspecting user into opening specially crafted font
files in an application using Graphite2 could exploit these flaws to cause
the application to crash or, potentially, execute arbitrary code with the
privileges of the application. (CVE-2016-1521, CVE-2016-1522,
CVE-2016-1523, CVE-2016-1526)

Affected Software/OS:
graphite2 on Red Hat Enterprise Linux Server (v. 7)

Solution:
Please Install the Updated Packages.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-1521
BugTraq ID: 82991
http://www.securityfocus.com/bid/82991
Debian Security Information: DSA-3479 (Google Search)
http://www.debian.org/security/2016/dsa-3479
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html
https://security.gentoo.org/glsa/201701-35
https://security.gentoo.org/glsa/201701-63
http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
RedHat Security Advisories: RHSA-2016:0197
http://rhn.redhat.com/errata/RHSA-2016-0197.html
RedHat Security Advisories: RHSA-2016:0258
http://rhn.redhat.com/errata/RHSA-2016-0258.html
RedHat Security Advisories: RHSA-2016:0594
http://rhn.redhat.com/errata/RHSA-2016-0594.html
SuSE Security Announcement: SUSE-SU-2016:0779 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html
SuSE Security Announcement: openSUSE-SU-2016:0791 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html
SuSE Security Announcement: openSUSE-SU-2016:0875 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html
http://www.ubuntu.com/usn/USN-2902-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1522
Common Vulnerability Exposure (CVE) ID: CVE-2016-1523
Debian Security Information: DSA-3477 (Google Search)
http://www.debian.org/security/2016/dsa-3477
Debian Security Information: DSA-3491 (Google Search)
http://www.debian.org/security/2016/dsa-3491
https://security.gentoo.org/glsa/201605-06
http://www.securitytracker.com/id/1035017
SuSE Security Announcement: SUSE-SU-2016:0554 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00053.html
SuSE Security Announcement: SUSE-SU-2016:0564 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00055.html
http://www.ubuntu.com/usn/USN-2904-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1526
RedHat Security Advisories: RHSA-2016:0695
http://rhn.redhat.com/errata/RHSA-2016-0695.html
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.