Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.891934 |
Kategorie: | Debian Local Security Checks |
Titel: | Debian LTS: Security Advisory for cimg (DLA-1934-1) |
Zusammenfassung: | The remote host is missing an update for the 'cimg'; package(s) announced via the DLA-1934-1 advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'cimg' package(s) announced via the DLA-1934-1 advisory. Vulnerability Insight: Several issues have been found in cimg, a powerful image processing library. CVE-2019-1010174 is related to a missing string sanitization on URLs, which might result in a command injection when loading a special crafted image. The other CVEs are about heap-based buffer over-reads or double frees when loading an image. Affected Software/OS: 'cimg' package(s) on Debian Linux. Solution: For Debian 8 'Jessie', these problems have been fixed in version 1.5.9+dfsg-1+deb8u1. We recommend that you upgrade your cimg packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-7588 https://github.com/dtschump/CImg/issues/183 https://github.com/xiaoqx/pocs/tree/master/cimg https://lists.debian.org/debian-lts-announce/2019/09/msg00030.html https://lists.debian.org/debian-lts-announce/2020/10/msg00033.html https://usn.ubuntu.com/4039-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-7589 https://github.com/dtschump/CImg/issues/184 Common Vulnerability Exposure (CVE) ID: CVE-2018-7637 https://github.com/dtschump/CImg/issues/185 Common Vulnerability Exposure (CVE) ID: CVE-2018-7638 Common Vulnerability Exposure (CVE) ID: CVE-2018-7639 Common Vulnerability Exposure (CVE) ID: CVE-2018-7640 Common Vulnerability Exposure (CVE) ID: CVE-2018-7641 |
Copyright | Copyright (C) 2019 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |