openSUSE Security Update : tiff (openSUSE-2015-476)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

tiff was updated to version 4.0.4 to fix six security issues found by
fuzzing initiatives.

These security issues were fixed :

- CVE-2014-8127: Out-of-bounds write (bnc#914890).

- CVE-2014-9655: Access of uninitialized memory
(bnc#916927).

- CVE-2014-8130: Out-of-bounds write (bnc#914890).

- CVE-2015-1547: Use of uninitialized memory in NeXTDecode
(bnc#916925).

- CVE-2014-8129: Out-of-bounds write (bnc#914890).

- CVE-2014-8128: Out-of-bounds write (bnc#914890).

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=914890
https://bugzilla.opensuse.org/show_bug.cgi?id=916925
https://bugzilla.opensuse.org/show_bug.cgi?id=916927

Solution :

Update the affected tiff packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)

Family: SuSE Local Security Checks

Nessus Plugin ID: 84655 ()

Bugtraq ID:

CVE ID: CVE-2014-8127
CVE-2014-8128
CVE-2014-8129
CVE-2014-8130
CVE-2014-9655
CVE-2015-1547

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now