KB4015383: Security Updates for the libjpeg Information Disclosure Vulnerability (April 2017)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote Windows host is affected by an information disclosure

Description :

The remote Windows host is missing security updates. It is,
therefore, affected by an information disclosure vulnerability in the
open-source libjpeg image processing library due to improper handling
of objects in memory. An unauthenticated, remote attacker can exploit
this to disclose sensitive information that can be utilized to bypass
ASLR security protections.

See also :


Solution :

Apply the following security updates :

- KB4014794
- KB4014652
- KB4015383

Risk factor :

Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.5
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 99309 ()

Bugtraq ID: 63676

CVE ID: CVE-2013-6629

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now