Detections
Analytics
FreeBSD : OpenJPEG -- multiple vulnerabilities (11dc3890-0e64-11e8-99b0-d017c2987f9a)
critical Nessus Plugin ID 111404
Language:
Synopsis
The remote FreeBSD host is missing a security-related update.Description
OpenJPEG reports :Multiple vulnerabilities have been found in OpenJPEG, the opensource JPEG 2000 codec. Please consult the CVE list for further details.
CVE-2017-17479 and CVE-2017-17480 were fixed in r477112.
CVE-2018-5785 was fixed in r480624.
CVE-2018-6616 was fixed in r489415.
Solution
Update the affected package.See Also
Plugin Details
Severity: Critical
ID: 111404
File Name: freebsd_pkg_11dc38900e6411e899b0d017c2987f9a.nasl
Version: 1.9
Type: local
Family: FreeBSD Local Security Checks
Published: 7/30/2018
Updated: 10/11/2019
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Information
CPE: p-cpe:/a:freebsd:freebsd:openjpeg, cpe:/o:freebsd:freebsd
Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
Patch Publication Date: 7/27/2018
Vulnerability Publication Date: 12/8/2017
Reference Information
CVE: CVE-2017-17479, CVE-2017-17480, CVE-2018-5785, CVE-2018-6616