FreeBSD : gdk-pixbuf -- multiple vulnerabilities (5a1f1a86-8f4c-11e7-b5af-a4badb2f4699)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

TALOS reports :

- An exploitable integer overflow vulnerability exists in the
tiff_image_parse functionality.

- An exploitable heap-overflow vulnerability exists in the
gdk_pixbuf__jpeg_image_load_increment functionality.

See also :

http://www.nessus.org/u?2520933c
http://www.nessus.org/u?9694b581

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 102939 ()

Bugtraq ID:

CVE ID: CVE-2017-2862
CVE-2017-2870

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now