FreeBSD : openjpeg -- Multiple vulnerabilities (02db20d7-e34a-11e3-bd92-bcaec565249c)

Critical Nessus Plugin ID 74176

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Openjpeg release notes report :

That CVE-2012-3535 and CVE-2012-3358 are fixed in the 1.5.1 release.

That CVE-2013-4289, CVE-2013-4290, CVE-2013-1447, CVE-2013-6045, CVE-2013-6052, CVE-2013-6054, CVE-2013-6053, CVE-2013-6887, where fixed in the 1.5.2 release.

Solution

Update the affected package.

See Also

http://openjpeg.googlecode.com/svn/tags/version.1.5.1/NEWS

http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS

http://www.nessus.org/u?d82f4654

Plugin Details

Severity: Critical

ID: 74176

File Name: freebsd_pkg_02db20d7e34a11e3bd92bcaec565249c.nasl

Version: 1.3

Type: local

Published: 2014/05/26

Updated: 2018/11/10

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:openjpeg, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2014/05/24

Vulnerability Publication Date: 2012/05/13

Reference Information

CVE: CVE-2012-3358, CVE-2012-3535, CVE-2013-1447, CVE-2013-4289, CVE-2013-4290, CVE-2013-6045, CVE-2013-6052, CVE-2013-6053, CVE-2013-6054, CVE-2013-6887