Detections
Analytics

RHEL 7 : exiv2 (RHSA-2019:2101)

high Nessus Plugin ID 127672

Language:

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2101 advisory.

 - exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp (CVE-2017-17724)

 - exiv2: Excessive memory allocation in Exiv2::Jp2Image::readMetadata function in jp2image.cpp (CVE-2018-4868)

 - exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp (CVE-2018-8976)

 - exiv2: invalid memory access in Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp (CVE-2018-8977)

 - exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9305)

 - exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file (CVE-2018-10772)

 - exiv2: SIGABRT caused by memory allocation in types.cpp:Exiv2::Internal::PngChunk::zlibUncompress() (CVE-2018-10958)

 - exiv2: SIGABRT by triggering an incorrect Safe::add call (CVE-2018-10998)

 - exiv2: heap-based buffer over-read in parseTXTChunk function (CVE-2018-10999)

 - exiv2: information leak via a crafted file (CVE-2018-11037)

 - exiv2: integer overflow in getData function in preview.cpp (CVE-2018-12264)

 - exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp (CVE-2018-12265)

 - exiv2: heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp (CVE-2018-14046)

 - exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash (CVE-2018-17282)

 - exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service (CVE-2018-17581)

 - exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp (CVE-2018-18915)

 - exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp (CVE-2018-19107)

 - exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp (CVE-2018-19108)

 - exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp (CVE-2018-19535)

 - exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp (CVE-2018-19607)

 - exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service (CVE-2018-20096)

 - exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function (CVE-2018-20097)

 - exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20098)

 - exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20099)

 - exiv2: infinite recursion in Exiv2::Image::printTiffStructure in file image.cpp resulting in denial of service (CVE-2019-9143)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1566260

https://bugzilla.redhat.com/show_bug.cgi?id=1566735

https://bugzilla.redhat.com/show_bug.cgi?id=1578659

https://bugzilla.redhat.com/show_bug.cgi?id=1579481

https://bugzilla.redhat.com/show_bug.cgi?id=1579544

https://bugzilla.redhat.com/show_bug.cgi?id=1590993

https://bugzilla.redhat.com/show_bug.cgi?id=1590994

https://bugzilla.redhat.com/show_bug.cgi?id=1594627

https://bugzilla.redhat.com/show_bug.cgi?id=1601628

https://bugzilla.redhat.com/show_bug.cgi?id=1632490

https://bugzilla.redhat.com/show_bug.cgi?id=1635045

https://bugzilla.redhat.com/show_bug.cgi?id=1646555

https://bugzilla.redhat.com/show_bug.cgi?id=1649094

https://bugzilla.redhat.com/show_bug.cgi?id=1649101

https://bugzilla.redhat.com/show_bug.cgi?id=1652637

https://bugzilla.redhat.com/show_bug.cgi?id=1656187

https://bugzilla.redhat.com/show_bug.cgi?id=1656195

https://bugzilla.redhat.com/show_bug.cgi?id=1660423

https://bugzilla.redhat.com/show_bug.cgi?id=1660424

https://bugzilla.redhat.com/show_bug.cgi?id=1660425

https://bugzilla.redhat.com/show_bug.cgi?id=1660426

https://bugzilla.redhat.com/show_bug.cgi?id=1664361

http://www.nessus.org/u?16e7c006

http://www.nessus.org/u?cc7115e8

https://access.redhat.com/errata/RHSA-2019:2101

https://access.redhat.com/security/updates/classification/#low

https://bugzilla.redhat.com/show_bug.cgi?id=1465061

https://bugzilla.redhat.com/show_bug.cgi?id=1470729

https://bugzilla.redhat.com/show_bug.cgi?id=1470737

https://bugzilla.redhat.com/show_bug.cgi?id=1470913

https://bugzilla.redhat.com/show_bug.cgi?id=1470946

https://bugzilla.redhat.com/show_bug.cgi?id=1470950

https://bugzilla.redhat.com/show_bug.cgi?id=1471772

https://bugzilla.redhat.com/show_bug.cgi?id=1473888

https://bugzilla.redhat.com/show_bug.cgi?id=1473889

https://bugzilla.redhat.com/show_bug.cgi?id=1475123

https://bugzilla.redhat.com/show_bug.cgi?id=1475124

https://bugzilla.redhat.com/show_bug.cgi?id=1482295

https://bugzilla.redhat.com/show_bug.cgi?id=1482296

https://bugzilla.redhat.com/show_bug.cgi?id=1482423

https://bugzilla.redhat.com/show_bug.cgi?id=1494443

https://bugzilla.redhat.com/show_bug.cgi?id=1494467

https://bugzilla.redhat.com/show_bug.cgi?id=1494776

https://bugzilla.redhat.com/show_bug.cgi?id=1494778

https://bugzilla.redhat.com/show_bug.cgi?id=1494780

https://bugzilla.redhat.com/show_bug.cgi?id=1494781

https://bugzilla.redhat.com/show_bug.cgi?id=1494782

https://bugzilla.redhat.com/show_bug.cgi?id=1494786

https://bugzilla.redhat.com/show_bug.cgi?id=1494787

https://bugzilla.redhat.com/show_bug.cgi?id=1495043

https://bugzilla.redhat.com/show_bug.cgi?id=1524104

https://bugzilla.redhat.com/show_bug.cgi?id=1524107

https://bugzilla.redhat.com/show_bug.cgi?id=1524116

https://bugzilla.redhat.com/show_bug.cgi?id=1525055

https://bugzilla.redhat.com/show_bug.cgi?id=1537353

https://bugzilla.redhat.com/show_bug.cgi?id=1545237

https://bugzilla.redhat.com/show_bug.cgi?id=1561213

https://bugzilla.redhat.com/show_bug.cgi?id=1561217

Plugin Details

Severity: High

ID: 127672

File Name: redhat-RHSA-2019-2101.nasl

Version: 1.7

Type: local

Agent: unix

Published: 8/12/2019

Updated: 4/27/2024

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2019-9143

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:exiv2, p-cpe:/a:redhat:enterprise_linux:exiv2-devel, p-cpe:/a:redhat:enterprise_linux:exiv2-doc, p-cpe:/a:redhat:enterprise_linux:exiv2-libs, cpe:/o:redhat:enterprise_linux:7

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/6/2019

Vulnerability Publication Date: 2/12/2018

Reference Information

CVE: CVE-2017-17724, CVE-2018-10772, CVE-2018-10958, CVE-2018-10998, CVE-2018-10999, CVE-2018-11037, CVE-2018-12264, CVE-2018-12265, CVE-2018-14046, CVE-2018-17282, CVE-2018-17581, CVE-2018-18915, CVE-2018-19107, CVE-2018-19108, CVE-2018-19535, CVE-2018-19607, CVE-2018-20096, CVE-2018-20097, CVE-2018-20098, CVE-2018-20099, CVE-2018-4868, CVE-2018-8976, CVE-2018-8977, CVE-2018-9305, CVE-2019-9143

CWE: 119, 122, 125, 190, 200, 400, 476, 835

RHSA: 2019:2101