How to Buy
This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
Multiple vulnerabilities was found and corrected in libtiff :
Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3
allows remote attackers to cause a denial of service (application
crash) and possibly execute arbitrary code via a crafted TIFF image
using the PixarLog Compression format (CVE-2012-4447).
ppm2tiff does not check the return value of the TIFFScanlineSize
function, which allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted PPM image
that triggers an integer overflow, a zero-memory allocation, and a
heap-based buffer overflow (CVE-2012-4564).
The updated packages have been patched to correct these issues.
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : false
Family: Mandriva Local Security Checks
Nessus Plugin ID: 63017 ()
Bugtraq ID: 5567356372
CVE ID: CVE-2012-4447CVE-2012-4564
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.