This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
This update of ImageMagick fixes multiple security vulnerabilities
that could have been exploited by attackers via specially crafted
image files :
- Integer overflow when processing EXIF directory entries
with tags of e.g. format 5 (EXIF_FMT_URATIONAL) and a
large components count. (CVE-2012-0259 / CVE-2012-1610)
- Integer overflows via 'number_bytes' and 'offset' could
lead to memory corruption. (CVE-2012-0247 /
- Denial of service via 'profile.c'. (CVE-2012-0248 /
- Denial of service via JPEG restart markers (excessive
CPU consumption). (CVE-2012-0260)
See also :
Apply ZYPP patch number 8104.
Risk factor :
High / CVSS Base Score : 9.3
Family: SuSE Local Security Checks
Nessus Plugin ID: 59602 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now