This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.
The remote OracleVM host is missing one or more security updates.
The remote OracleVM system is missing necessary patches to address
critical security updates :
- Fix buffer overrun risks caused by unchecked integer
overflow (CVE-2009-2347) Resolves: #507725
- Fix some more LZW decoding vulnerabilities
(CVE-2009-2285) Resolves: #507725
- Update upstream URL
- Use -fno-strict-aliasing per rpmdiff recommendation
- Fix LZW decoding vulnerabilities (CVE-2008-2327)
- Remove sgi2tiff.1 and tiffsv.1, since they are for
programs we don't ship Resolves: #460120
See also :
Update the affected libtiff / libtiff-devel packages.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false