Search...

Fedora 27 : lcms2 (2018-3e9f26489b)

2018-10-05T00:00:00

ID FEDORA_2018-3E9F26489B.NASL
Type nessus
Reporter This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2018-10-05T00:00:00

Description

Security fix for CVE-2018-16435

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory FEDORA-2018-3e9f26489b.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(117927);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2018-16435");
  script_xref(name:"FEDORA", value:"2018-3e9f26489b");

  script_name(english:"Fedora 27 : lcms2 (2018-3e9f26489b)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Security fix for CVE-2018-16435

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-3e9f26489b"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected lcms2 package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:lcms2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:27");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/10/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/05");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" &gt;!&lt; release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^27([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 27", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);


flag = 0;
if (rpm_check(release:"FC27", reference:"lcms2-2.8-6.fc27")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "lcms2");
}

JSON Vulners Source

Initial Source

{"id": "FEDORA_2018-3E9F26489B.NASL", "bulletinFamily": "scanner", "title": "Fedora 27 : lcms2 (2018-3e9f26489b)", "description": "Security fix for CVE-2018-16435\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "published": "2018-10-05T00:00:00", "modified": "2018-10-05T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/117927", "reporter": "This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2018-3e9f26489b"], "cvelist": ["CVE-2018-16435"], "type": "nessus", "lastseen": "2021-01-07T10:17:04", "edition": 16, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-16435"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4284-1:5963D", "DEBIAN:DLA-1496-1:2F059"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:3529-1", "OPENSUSE-SU-2019:0043-1", "OPENSUSE-SU-2019:0042-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891496", "OPENVAS:1361412562311220192342", "OPENVAS:1361412562310875139", "OPENVAS:1361412562310852105", "OPENVAS:1361412562310704284", "OPENVAS:1361412562310843704", "OPENVAS:1361412562310876138", "OPENVAS:1361412562310852228", "OPENVAS:1361412562310875106", "OPENVAS:1361412562310852231"]}, {"type": "fedora", "idList": ["FEDORA:629F760879F0", "FEDORA:30ADE604622B", "FEDORA:532F960CF00C", "FEDORA:DA59A6087D6C", "FEDORA:6CB7260A1851"]}, {"type": "nessus", "idList": ["OPENSUSE-2019-880.NASL", "FEDORA_2018-1CB4C4A6D8.NASL", "SUSE_SU-2018-3498-1.NASL", "EULEROS_SA-2020-2286.NASL", "UBUNTU_USN-3770-1.NASL", "FEDORA_2018-6AC39C63C4.NASL", "DEBIAN_DSA-4284.NASL", "OPENSUSE-2018-1327.NASL", "DEBIAN_DLA-1496.NASL", "EULEROS_SA-2019-2342.NASL"]}, {"type": "ubuntu", "idList": ["USN-3770-1", "USN-3770-2"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:AFE5A77EBE4E39A2F02201C20DDD401B"]}, {"type": "redhat", "idList": ["RHSA-2018:3004"]}], "modified": "2021-01-07T10:17:04", "rev": 2}, "score": {"value": 6.0, "vector": "NONE", "modified": "2021-01-07T10:17:04", "rev": 2}, "vulnersScore": 6.0}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-3e9f26489b.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117927);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-16435\");\n script_xref(name:\"FEDORA\", value:\"2018-3e9f26489b\");\n\n script_name(english:\"Fedora 27 : lcms2 (2018-3e9f26489b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-16435\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-3e9f26489b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lcms2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"lcms2-2.8-6.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "117927", "cpe": ["cpe:/o:fedoraproject:fedora:27", "p-cpe:/a:fedoraproject:fedora:lcms2"], "scheme": null, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}}

{"cve": [{"lastseen": "2020-10-03T13:20:15", "description": "Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.", "edition": 4, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-09-04T00:29:00", "title": "CVE-2018-16435", "type": "cve", "cwe": ["CWE-190", "CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16435"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/a:littlecms:little_cms_color_engine:2.9", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-16435", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16435", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:littlecms:little_cms_color_engine:2.9:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}], "suse": [{"lastseen": "2018-10-27T14:31:32", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16435"], "description": "This update for lcms2 fixes the following issues:\n\n - CVE-2018-16435: Heap-based buffer overflow via a crafted file in the\n second argument to cmsIT8LoadFromFile (bsc#1108813)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2018-10-27T12:08:37", "published": "2018-10-27T12:08:37", "id": "OPENSUSE-SU-2018:3529-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00081.html", "title": "Security update for lcms2 (moderate)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-01-12T08:03:31", "bulletinFamily": "unix", "cvelist": ["CVE-2018-3183", "CVE-2018-3180", "CVE-2018-3136", "CVE-2018-3214", "CVE-2018-13785", "CVE-2018-3139", "CVE-2018-3169", "CVE-2018-3149", "CVE-2018-16435"], "description": "This update for java-1_8_0-openjdk to version 8u191 fixes the following\n issues:\n\n Security issues fixed:\n\n - CVE-2018-3136: Manifest better support (bsc#1112142)\n - CVE-2018-3139: Better HTTP Redirection (bsc#1112143)\n - CVE-2018-3149: Enhance JNDI lookups (bsc#1112144)\n - CVE-2018-3169: Improve field accesses (bsc#1112146)\n - CVE-2018-3180: Improve TLS connections stability (bsc#1112147)\n - CVE-2018-3214: Better RIFF reading support (bsc#1112152)\n - CVE-2018-13785: Upgrade JDK 8u to libpng 1.6.35 (bsc#1112153)\n - CVE-2018-3183: Improve script engine support (bsc#1112148)\n - CVE-2018-16435: heap-based buffer overflow in SetData function in\n cmsIT8LoadFromFile\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-01-12T03:10:05", "published": "2019-01-12T03:10:05", "id": "OPENSUSE-SU-2019:0043-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00008.html", "title": "Security update for java-1_8_0-openjdk (important)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-12T08:03:31", "bulletinFamily": "unix", "cvelist": ["CVE-2018-3180", "CVE-2018-2938", "CVE-2018-2973", "CVE-2018-3136", "CVE-2018-3214", "CVE-2018-13785", "CVE-2018-3139", "CVE-2018-2940", "CVE-2018-3169", "CVE-2018-3149", "CVE-2018-16435", "CVE-2018-3639", "CVE-2018-2952"], "description": "This update for java-1_7_0-openjdk to version 7u201 fixes the following\n issues:\n\n Security issues fixed:\n\n - CVE-2018-3136: Manifest better support (bsc#1112142)\n - CVE-2018-3139: Better HTTP Redirection (bsc#1112143)\n - CVE-2018-3149: Enhance JNDI lookups (bsc#1112144)\n - CVE-2018-3169: Improve field accesses (bsc#1112146)\n - CVE-2018-3180: Improve TLS connections stability (bsc#1112147)\n - CVE-2018-3214: Better RIFF reading support (bsc#1112152)\n - CVE-2018-13785: Upgrade JDK 8u to libpng 1.6.35 (bsc#1112153)\n - CVE-2018-16435: heap-based buffer overflow in SetData function in\n cmsIT8LoadFromFile\n - CVE-2018-2938: Support Derby connections (bsc#1101644)\n - CVE-2018-2940: Better stack walking (bsc#1101645)\n - CVE-2018-2952: Exception to Pattern Syntax (bsc#1101651)\n - CVE-2018-2973: Improve LDAP support (bsc#1101656)\n - CVE-2018-3639 cpu speculative store bypass mitigation\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n", "edition": 1, "modified": "2019-01-12T03:18:08", "published": "2019-01-12T03:18:08", "id": "OPENSUSE-SU-2019:0042-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00012.html", "title": "Security update for java-1_7_0-openjdk (important)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2020-01-27T18:37:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192342", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2019-2342)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2342\");\n script_version(\"2020-01-23T12:47:35+0000\");\n script_cve_id(\"CVE-2018-16435\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:47:35 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:47:35 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for lcms2 (EulerOS-SA-2019-2342)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.3\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2342\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2342\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'lcms2' package(s) announced via the EulerOS-SA-2019-2342 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.(CVE-2018-16435)\");\n\n script_tag(name:\"affected\", value:\"'lcms2' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.3.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.3.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"lcms2\", rpm:\"lcms2~2.9~4.h2.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.3.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T17:38:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2018-10-28T00:00:00", "id": "OPENVAS:1361412562310852105", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852105", "type": "openvas", "title": "openSUSE: Security Advisory for lcms2 (openSUSE-SU-2018:3529-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852105\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-16435\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-28 06:04:16 +0100 (Sun, 28 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for lcms2 (openSUSE-SU-2018:3529-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3529-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00081.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'lcms2'\n package(s) announced via the openSUSE-SU-2018:3529-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for lcms2 fixes the following issues:\n\n - CVE-2018-16435: Heap-based buffer overflow via a crafted file in the\n second argument to cmsIT8LoadFromFile (bsc#1108813)\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1327=1\");\n\n script_tag(name:\"affected\", value:\"lcms2 on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"lcms2\", rpm:\"lcms2~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"lcms2-debuginfo\", rpm:\"lcms2-debuginfo~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"lcms2-debugsource\", rpm:\"lcms2-debugsource~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"liblcms2-2\", rpm:\"liblcms2-2~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"liblcms2-2-debuginfo\", rpm:\"liblcms2-2-debuginfo~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"liblcms2-devel\", rpm:\"liblcms2-devel~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"liblcms2-doc\", rpm:\"liblcms2-doc~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"liblcms2-2-32bit\", rpm:\"liblcms2-2-32bit~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"liblcms2-2-32bit-debuginfo\", rpm:\"liblcms2-2-32bit-debuginfo~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"liblcms2-devel-32bit\", rpm:\"liblcms2-devel-32bit~2.9~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-10-05T00:00:00", "id": "OPENVAS:1361412562310875139", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875139", "type": "openvas", "title": "Fedora Update for lcms2 FEDORA-2018-3e9f26489b", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_3e9f26489b_lcms2_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for lcms2 FEDORA-2018-3e9f26489b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875139\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-05 08:39:51 +0200 (Fri, 05 Oct 2018)\");\n script_cve_id(\"CVE-2018-16435\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for lcms2 FEDORA-2018-3e9f26489b\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'lcms2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"lcms2 on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-3e9f26489b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM6HH7URNVX5H4FWGH3OHYVTXLUXMS2N\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"lcms2\", rpm:\"lcms2~2.8~6.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310875106", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875106", "type": "openvas", "title": "Fedora Update for lcms2 FEDORA-2018-1cb4c4a6d8", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_1cb4c4a6d8_lcms2_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for lcms2 FEDORA-2018-1cb4c4a6d8\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875106\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-09-28 13:34:18 +0200 (Fri, 28 Sep 2018)\");\n script_cve_id(\"CVE-2018-16435\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for lcms2 FEDORA-2018-1cb4c4a6d8\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'lcms2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"affected\", value:\"lcms2 on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-1cb4c4a6d8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ILGDBJPOHHN3S43OY6DWGBUZYKU5KJGP\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"lcms2\", rpm:\"lcms2~2.9~4.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T20:09:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "description": "It was discovered that there was an integer overflow vulnerability\nin the ", "modified": "2020-01-29T00:00:00", "published": "2018-09-06T00:00:00", "id": "OPENVAS:1361412562310891496", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891496", "type": "openvas", "title": "Debian LTS: Security Advisory for lcms2 (DLA-1496-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891496\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-16435\");\n script_name(\"Debian LTS: Security Advisory for lcms2 (DLA-1496-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-09-06 00:00:00 +0200 (Thu, 06 Sep 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/09/msg00005.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"lcms2 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', this issue has been fixed in lcms2 version\n2.6-3+deb8u2.\n\nWe recommend that you upgrade your lcms2 packages.\");\n\n script_tag(name:\"summary\", value:\"It was discovered that there was an integer overflow vulnerability\nin the 'Little CMS 2' colour management library. A specially-crafted\ninput file could lead to a heap-based buffer overflow.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"liblcms2-2\", ver:\"2.6-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"liblcms2-dbg\", ver:\"2.6-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"liblcms2-dev\", ver:\"2.6-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.6-3+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-04T18:55:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "description": "Quang Nguyen discovered an integer overflow in the Little CMS 2 colour\nmanagement library, which could result in denial of service and potentially the\nexecution of arbitrary code if a malformed IT8 calibration file is\nprocessed.", "modified": "2019-07-04T00:00:00", "published": "2018-09-04T00:00:00", "id": "OPENVAS:1361412562310704284", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704284", "type": "openvas", "title": "Debian Security Advisory DSA 4284-1 (lcms2 - security update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4284-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704284\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-16435\");\n script_name(\"Debian Security Advisory DSA 4284-1 (lcms2 - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-09-04 00:00:00 +0200 (Tue, 04 Sep 2018)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4284.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"lcms2 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), this problem has been fixed in\nversion 2.8-4+deb9u1.\n\nWe recommend that you upgrade your lcms2 packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/lcms2\");\n script_tag(name:\"summary\", value:\"Quang Nguyen discovered an integer overflow in the Little CMS 2 colour\nmanagement library, which could result in denial of service and potentially the\nexecution of arbitrary code if a malformed IT8 calibration file is\nprocessed.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"liblcms2-2\", ver:\"2.8-4+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"liblcms2-dev\", ver:\"2.8-4+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.8-4+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435", "CVE-2016-10165"], "description": "The remote host is missing an update for the ", "modified": "2019-03-18T00:00:00", "published": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310843704", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843704", "type": "openvas", "title": "Ubuntu Update for lcms2 USN-3770-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3770_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for lcms2 USN-3770-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843704\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2016-10165\", \"CVE-2018-16435\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:08:52 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"Ubuntu Update for lcms2 USN-3770-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|18\\.04 LTS|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3770-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3770-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'lcms2'\n package(s) announced via the USN-3770-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Ibrahim El-Sayed discovered that Little CMS incorrectly handled certain\nfiles. An attacker could possibly use this issue to cause a denial of\nservice. (CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain\nfiles. An attacker could possibly use this issue to execute arbitrary\ncode. (CVE-2018-16435)\");\n\n script_tag(name:\"affected\", value:\"lcms2 on Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-2\", ver:\"2.5-0ubuntu4.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.5-0ubuntu4.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-2\", ver:\"2.9-1ubuntu0.1\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.9-1ubuntu0.1\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-2\", ver:\"2.6-3ubuntu2.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"liblcms2-utils\", ver:\"2.6-3ubuntu2.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-01-31T16:53:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-3183", "CVE-2018-3180", "CVE-2018-3136", "CVE-2018-3214", "CVE-2018-13785", "CVE-2018-3139", "CVE-2018-3169", "CVE-2018-3149", "CVE-2018-16435"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-01-12T00:00:00", "id": "OPENVAS:1361412562310852231", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852231", "type": "openvas", "title": "openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2019:0043-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852231\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-13785\", \"CVE-2018-16435\", \"CVE-2018-3136\", \"CVE-2018-3139\",\n \"CVE-2018-3149\", \"CVE-2018-3169\", \"CVE-2018-3180\", \"CVE-2018-3183\",\n \"CVE-2018-3214\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-12 04:01:58 +0100 (Sat, 12 Jan 2019)\");\n script_name(\"openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2019:0043-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSELeap42\\.3|openSUSELeap15\\.0)\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0043-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00008.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1_8_0-openjdk'\n package(s) announced via the openSUSE-SU-2019:0043-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for java-1_8_0-openjdk to version 8u191 fixes the following\n issues:\n\n Security issues fixed:\n\n - CVE-2018-3136: Manifest better support (bsc#1112142)\n\n - CVE-2018-3139: Better HTTP Redirection (bsc#1112143)\n\n - CVE-2018-3149: Enhance JNDI lookups (bsc#1112144)\n\n - CVE-2018-3169: Improve field accesses (bsc#1112146)\n\n - CVE-2018-3180: Improve TLS connections stability (bsc#1112147)\n\n - CVE-2018-3214: Better RIFF reading support (bsc#1112152)\n\n - CVE-2018-13785: Upgrade JDK 8u to libpng 1.6.35 (bsc#1112153)\n\n - CVE-2018-3183: Improve script engine support (bsc#1112148)\n\n - CVE-2018-16435: heap-based buffer overflow in SetData function in\n cmsIT8LoadFromFile\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-43=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-43=1\");\n\n script_tag(name:\"affected\", value:\"java-1_8_0-openjdk on openSUSE Leap 42.3, openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk\", rpm:\"java-1_8_0-openjdk~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-accessibility\", rpm:\"java-1_8_0-openjdk-accessibility~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-debuginfo\", rpm:\"java-1_8_0-openjdk-debuginfo~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-debugsource\", rpm:\"java-1_8_0-openjdk-debugsource~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-demo\", rpm:\"java-1_8_0-openjdk-demo~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-demo-debuginfo\", rpm:\"java-1_8_0-openjdk-demo-debuginfo~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-devel\", rpm:\"java-1_8_0-openjdk-devel~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-devel-debuginfo\", rpm:\"java-1_8_0-openjdk-devel-debuginfo~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-headless\", rpm:\"java-1_8_0-openjdk-headless~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-headless-debuginfo\", rpm:\"java-1_8_0-openjdk-headless-debuginfo~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-src\", rpm:\"java-1_8_0-openjdk-src~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-javadoc\", rpm:\"java-1_8_0-openjdk-javadoc~1.8.0.191~30.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk\", rpm:\"java-1_8_0-openjdk~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-accessibility\", rpm:\"java-1_8_0-openjdk-accessibility~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-debuginfo\", rpm:\"java-1_8_0-openjdk-debuginfo~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-debugsource\", rpm:\"java-1_8_0-openjdk-debugsource~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-demo\", rpm:\"java-1_8_0-openjdk-demo~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-demo-debuginfo\", rpm:\"java-1_8_0-openjdk-demo-debuginfo~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-devel\", rpm:\"java-1_8_0-openjdk-devel~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-devel-debuginfo\", rpm:\"java-1_8_0-openjdk-devel-debuginfo~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-headless\", rpm:\"java-1_8_0-openjdk-headless~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-headless-debuginfo\", rpm:\"java-1_8_0-openjdk-headless-debuginfo~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-src\", rpm:\"java-1_8_0-openjdk-src~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_8_0-openjdk-javadoc\", rpm:\"java-1_8_0-openjdk-javadoc~1.8.0.191~lp150.2.9.2\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:48:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-3180", "CVE-2018-2938", "CVE-2018-2973", "CVE-2018-3136", "CVE-2018-3214", "CVE-2018-13785", "CVE-2018-3139", "CVE-2018-2940", "CVE-2018-3169", "CVE-2018-3149", "CVE-2018-16435", "CVE-2018-3639", "CVE-2018-2952"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-01-12T00:00:00", "id": "OPENVAS:1361412562310852228", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852228", "type": "openvas", "title": "openSUSE: Security Advisory for java-1_7_0-openjdk (openSUSE-SU-2019:0042-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852228\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-13785\", \"CVE-2018-16435\", \"CVE-2018-2938\", \"CVE-2018-2940\",\n \"CVE-2018-2952\", \"CVE-2018-2973\", \"CVE-2018-3136\", \"CVE-2018-3139\",\n \"CVE-2018-3149\", \"CVE-2018-3169\", \"CVE-2018-3180\", \"CVE-2018-3214\",\n \"CVE-2018-3639\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-12 04:00:51 +0100 (Sat, 12 Jan 2019)\");\n script_name(\"openSUSE: Security Advisory for java-1_7_0-openjdk (openSUSE-SU-2019:0042-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0042-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00012.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'java-1_7_0-openjdk'\n package(s) announced via the openSUSE-SU-2019:0042-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for java-1_7_0-openjdk to version 7u201 fixes the following\n issues:\n\n Security issues fixed:\n\n - CVE-2018-3136: Manifest better support (bsc#1112142)\n\n - CVE-2018-3139: Better HTTP Redirection (bsc#1112143)\n\n - CVE-2018-3149: Enhance JNDI lookups (bsc#1112144)\n\n - CVE-2018-3169: Improve field accesses (bsc#1112146)\n\n - CVE-2018-3180: Improve TLS connections stability (bsc#1112147)\n\n - CVE-2018-3214: Better RIFF reading support (bsc#1112152)\n\n - CVE-2018-13785: Upgrade JDK 8u to libpng 1.6.35 (bsc#1112153)\n\n - CVE-2018-16435: heap-based buffer overflow in SetData function in\n cmsIT8LoadFromFile\n\n - CVE-2018-2938: Support Derby connections (bsc#1101644)\n\n - CVE-2018-2940: Better stack walking (bsc#1101645)\n\n - CVE-2018-2952: Exception to Pattern Syntax (bsc#1101651)\n\n - CVE-2018-2973: Improve LDAP support (bsc#1101656)\n\n - CVE-2018-3639 cpu speculative store bypass mitigation\n\n This update was imported from the SUSE:SLE-12:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-42=1\");\n\n script_tag(name:\"affected\", value:\"java-1_7_0-openjdk on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk\", rpm:\"java-1_7_0-openjdk~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-accessibility\", rpm:\"java-1_7_0-openjdk-accessibility~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap\", rpm:\"java-1_7_0-openjdk-bootstrap~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-debuginfo\", rpm:\"java-1_7_0-openjdk-bootstrap-debuginfo~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-debugsource\", rpm:\"java-1_7_0-openjdk-bootstrap-debugsource~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-devel\", rpm:\"java-1_7_0-openjdk-bootstrap-devel~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-devel-debuginfo\", rpm:\"java-1_7_0-openjdk-bootstrap-devel-debuginfo~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-headless\", rpm:\"java-1_7_0-openjdk-bootstrap-headless~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-bootstrap-headless-debuginfo\", rpm:\"java-1_7_0-openjdk-bootstrap-headless-debuginfo~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-debuginfo\", rpm:\"java-1_7_0-openjdk-debuginfo~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-debugsource\", rpm:\"java-1_7_0-openjdk-debugsource~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-demo\", rpm:\"java-1_7_0-openjdk-demo~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-demo-debuginfo\", rpm:\"java-1_7_0-openjdk-demo-debuginfo~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-devel\", rpm:\"java-1_7_0-openjdk-devel~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-devel-debuginfo\", rpm:\"java-1_7_0-openjdk-devel-debuginfo~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-headless\", rpm:\"java-1_7_0-openjdk-headless~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-headless-debuginfo\", rpm:\"java-1_7_0-openjdk-headless-debuginfo~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-src\", rpm:\"java-1_7_0-openjdk-src~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"java-1_7_0-openjdk-javadoc\", rpm:\"java-1_7_0-openjdk-javadoc~1.7.0.201~54.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-17464", "CVE-2018-17470", "CVE-2018-17467", "CVE-2018-17472", "CVE-2018-17471", "CVE-2018-5179", "CVE-2018-17466", "CVE-2018-17474", "CVE-2018-17465", "CVE-2018-17475", "CVE-2018-17476", "CVE-2018-17473", "CVE-2018-17463", "CVE-2018-16435", "CVE-2018-17477", "CVE-2018-17469", "CVE-2018-17462", "CVE-2018-17468"], "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310876138", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876138", "type": "openvas", "title": "Fedora Update for chromium FEDORA-2018-34f7f68029", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876138\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-16435\", \"CVE-2018-17462\", \"CVE-2018-17463\", \"CVE-2018-17464\", \"CVE-2018-17465\", \"CVE-2018-17466\", \"CVE-2018-17467\", \"CVE-2018-17468\", \"CVE-2018-17469\", \"CVE-2018-17470\", \"CVE-2018-17471\", \"CVE-2018-17473\", \"CVE-2018-17474\", \"CVE-2018-17475\", \"CVE-2018-17476\", \"CVE-2018-5179\", \"CVE-2018-17477\", \"CVE-2018-17472\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:36:12 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for chromium FEDORA-2018-34f7f68029\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-34f7f68029\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KYL6GLSQ3DFIIUGOB2ARZJOC7JED6YW\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'chromium'\n package(s) announced via the FEDORA-2018-34f7f68029 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Chromium is an open-source web browser, powered by WebKit (Blink).\");\n\n script_tag(name:\"affected\", value:\"'chromium' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"chromium\", rpm:\"chromium~70.0.3538.77~4.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T00:47:29", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16435"], "description": "Package : lcms2\nVersion : 2.6-3+deb8u2\nCVE ID : CVE-2018-16435\nDebian Bug : #907983\n\nIt was discovered that there was an integer overflow vulnerability\nin the "Little CMS 2" colour management library. A specially-crafted\ninput file could lead to a heap-based buffer overflow.\n\nFor Debian 8 "Jessie", this issue has been fixed in lcms2 version\n2.6-3+deb8u2.\n\nWe recommend that you upgrade your lcms2 packages.\n\n\nRegards,\n\n- -- \n ,''`.\n : :' : Chris Lamb\n `. `'` lamby@debian.org / chris-lamb.co.uk\n `-\n\n", "edition": 13, "modified": "2018-09-06T09:21:06", "published": "2018-09-06T09:21:06", "id": "DEBIAN:DLA-1496-1:2F059", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201809/msg00005.html", "title": "[SECURITY] [DLA 1496-1] lcms2 security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-08-12T01:05:32", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16435"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4284-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 04, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : lcms2\nCVE ID : CVE-2018-16435\n\nQuang Nguyen discovered an integer overflow in the Little CMS 2 colour\nmanagement library, which could in denial of service and potentially the\nexecution of arbitrary code if a malformed IT8 calibration file is\nprocessed.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 2.8-4+deb9u1.\n\nWe recommend that you upgrade your lcms2 packages.\n\nFor the detailed security status of lcms2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/lcms2\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 19, "modified": "2018-09-04T21:07:53", "published": "2018-09-04T21:07:53", "id": "DEBIAN:DSA-4284-1:5963D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00214.html", "title": "[SECURITY] [DSA 4284-1] lcms2 security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16435"], "description": "LittleCMS intends to be a small-footprint, speed optimized color management engine in open source form. LCMS2 is the current version of LCMS, and can be parallel installed with the original (deprecated) lcms. ", "modified": "2018-09-27T02:36:19", "published": "2018-09-27T02:36:19", "id": "FEDORA:629F760879F0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: lcms2-2.9-4.fc28", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16435"], "description": "LittleCMS intends to be a small-footprint, speed optimized color management engine in open source form. LCMS2 is the current version of LCMS, and can be parallel installed with the original (deprecated) lcms. ", "modified": "2018-10-04T17:15:42", "published": "2018-10-04T17:15:42", "id": "FEDORA:6CB7260A1851", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: lcms2-2.8-6.fc27", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16435"], "description": "LittleCMS intends to be a small-footprint, speed optimized color management engine in open source form. LCMS2 is the current version of LCMS, and can be parallel installed with the original (deprecated) lcms. ", "modified": "2018-09-22T18:06:19", "published": "2018-09-22T18:06:19", "id": "FEDORA:30ADE604622B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: lcms2-2.9-4.fc29", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16435", "CVE-2018-17462", "CVE-2018-17463", "CVE-2018-17464", "CVE-2018-17465", "CVE-2018-17466", "CVE-2018-17467", "CVE-2018-17468", "CVE-2018-17469", "CVE-2018-17470", "CVE-2018-17471", "CVE-2018-17472", "CVE-2018-17473", "CVE-2018-17474", "CVE-2018-17475", "CVE-2018-17476", "CVE-2018-17477", "CVE-2018-5179"], "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "modified": "2018-11-23T02:32:21", "published": "2018-11-23T02:32:21", "id": "FEDORA:532F960CF00C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: chromium-70.0.3538.77-4.fc29", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16435", "CVE-2018-17462", "CVE-2018-17463", "CVE-2018-17464", "CVE-2018-17465", "CVE-2018-17466", "CVE-2018-17467", "CVE-2018-17468", "CVE-2018-17469", "CVE-2018-17470", "CVE-2018-17471", "CVE-2018-17472", "CVE-2018-17473", "CVE-2018-17474", "CVE-2018-17475", "CVE-2018-17476", "CVE-2018-17477", "CVE-2018-17478", "CVE-2018-17479", "CVE-2018-5179"], "description": "Chromium is an open-source web browser, powered by WebKit (Blink). ", "modified": "2018-11-30T02:14:11", "published": "2018-11-30T02:14:11", "id": "FEDORA:DA59A6087D6C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: chromium-70.0.3538.110-1.fc28", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2020-06-05T11:16:43", "description": "This update for lcms2 fixes the following issues :\n\n - CVE-2018-16435: Heap-based buffer overflow via a crafted\n file in the second argument to cmsIT8LoadFromFile\n (bsc#1108813)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 15, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2018-10-29T00:00:00", "title": "openSUSE Security Update : lcms2 (openSUSE-2018-1327)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "modified": "2018-10-29T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:liblcms2-2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:lcms2-debuginfo", "p-cpe:/a:novell:opensuse:liblcms2-2-debuginfo", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:liblcms2-2-32bit", "p-cpe:/a:novell:opensuse:lcms2-debugsource", "p-cpe:/a:novell:opensuse:liblcms2-devel-32bit", "p-cpe:/a:novell:opensuse:liblcms2-devel", "p-cpe:/a:novell:opensuse:lcms2", "p-cpe:/a:novell:opensuse:liblcms2-2"], "id": "OPENSUSE-2018-1327.NASL", "href": "https://www.tenable.com/plugins/nessus/118489", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1327.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118489);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2018-16435\");\n\n script_name(english:\"openSUSE Security Update : lcms2 (openSUSE-2018-1327)\");\n script_summary(english:\"Check for the openSUSE-2018-1327 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for lcms2 fixes the following issues :\n\n - CVE-2018-16435: Heap-based buffer overflow via a crafted\n file in the second argument to cmsIT8LoadFromFile\n (bsc#1108813)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108813\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected lcms2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:lcms2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:lcms2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"lcms2-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"lcms2-debuginfo-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"lcms2-debugsource-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"liblcms2-2-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"liblcms2-2-debuginfo-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"liblcms2-devel-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"liblcms2-2-32bit-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"liblcms2-2-32bit-debuginfo-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"liblcms2-devel-32bit-2.9-lp150.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2 / lcms2-debuginfo / lcms2-debugsource / liblcms2-2 / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:16:25", "description": "Security fix for CVE-2018-16435\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 11, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 28 : lcms2 (2018-1cb4c4a6d8)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "modified": "2019-01-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:lcms2", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-1CB4C4A6D8.NASL", "href": "https://www.tenable.com/plugins/nessus/120272", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-1cb4c4a6d8.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120272);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-16435\");\n script_xref(name:\"FEDORA\", value:\"2018-1cb4c4a6d8\");\n\n script_name(english:\"Fedora 28 : lcms2 (2018-1cb4c4a6d8)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-16435\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-1cb4c4a6d8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lcms2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"lcms2-2.9-4.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T09:00:24", "description": "According to the version of the lcms2 package installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerability :\n\n - Little CMS (aka Little Color Management System) 2.9 has\n an integer overflow in the AllocateDataSet function in\n cmscgats.c, leading to a heap-based buffer overflow in\n the SetData function via a crafted file in the second\n argument to cmsIT8LoadFromFile.(CVE-2018-16435)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2019-12-03T00:00:00", "title": "EulerOS Virtualization for ARM 64 3.0.3.0 : lcms2 (EulerOS-SA-2019-2342)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "modified": "2019-12-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:lcms2", "cpe:/o:huawei:euleros:uvp:3.0.3.0"], "id": "EULEROS_SA-2019-2342.NASL", "href": "https://www.tenable.com/plugins/nessus/131507", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131507);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-16435\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.3.0 : lcms2 (EulerOS-SA-2019-2342)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the lcms2 package installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerability :\n\n - Little CMS (aka Little Color Management System) 2.9 has\n an integer overflow in the AllocateDataSet function in\n cmscgats.c, leading to a heap-based buffer overflow in\n the SetData function via a crafted file in the second\n argument to cmsIT8LoadFromFile.(CVE-2018-16435)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2342\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6d941887\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected lcms2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.3.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.3.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.3.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"lcms2-2.9-4.h2.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-18T03:03:01", "description": "This update for lcms2 fixes the following issues :\n\nCVE-2018-16435: A integer overflow was fixed in the AllocateDataSet\nfunction in cmscgats.c, that could lead to a heap-based buffer\noverflow in the SetData function via a crafted file in the second\nargument to cmsIT8LoadFromFile. (bsc#1108813)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 9, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2019-01-02T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : lcms2 (SUSE-SU-2018:3498-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "modified": "2019-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:liblcms2-devel", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:lcms2-debuginfo", "p-cpe:/a:novell:suse_linux:lcms2-debugsource", "p-cpe:/a:novell:suse_linux:liblcms2-2-debuginfo", "p-cpe:/a:novell:suse_linux:liblcms2"], "id": "SUSE_SU-2018-3498-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3498-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120148);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/16\");\n\n script_cve_id(\"CVE-2018-16435\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : lcms2 (SUSE-SU-2018:3498-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for lcms2 fixes the following issues :\n\nCVE-2018-16435: A integer overflow was fixed in the AllocateDataSet\nfunction in cmscgats.c, that could lead to a heap-based buffer\noverflow in the SetData function via a crafted file in the second\nargument to cmsIT8LoadFromFile. (bsc#1108813)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16435/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183498-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b7d41bba\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-2504=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lcms2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lcms2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"lcms2-debuginfo-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"lcms2-debugsource-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"liblcms2-2-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"liblcms2-2-debuginfo-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"liblcms2-devel-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"lcms2-debuginfo-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"lcms2-debugsource-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"liblcms2-2-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"liblcms2-2-debuginfo-2.9-3.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"liblcms2-devel-2.9-3.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T09:39:47", "description": "It was discovered that there was an integer overflow vulnerability in\nthe 'Little CMS 2' colour management library. A specially crafted\ninput file could lead to a heap-based buffer overflow.\n\nFor Debian 8 'Jessie', this issue has been fixed in lcms2 version\n2.6-3+deb8u2.\n\nWe recommend that you upgrade your lcms2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 20, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2018-09-07T00:00:00", "title": "Debian DLA-1496-1 : lcms2 security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "modified": "2018-09-07T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:liblcms2-dev", "cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:liblcms2-dbg", "p-cpe:/a:debian:debian_linux:liblcms2-utils", "p-cpe:/a:debian:debian_linux:liblcms2-2"], "id": "DEBIAN_DLA-1496.NASL", "href": "https://www.tenable.com/plugins/nessus/117350", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1496-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117350);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-16435\");\n\n script_name(english:\"Debian DLA-1496-1 : lcms2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there was an integer overflow vulnerability in\nthe 'Little CMS 2' colour management library. A specially crafted\ninput file could lead to a heap-based buffer overflow.\n\nFor Debian 8 'Jessie', this issue has been fixed in lcms2 version\n2.6-3+deb8u2.\n\nWe recommend that you upgrade your lcms2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/09/msg00005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/lcms2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblcms2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblcms2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblcms2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblcms2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"liblcms2-2\", reference:\"2.6-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"liblcms2-dbg\", reference:\"2.6-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"liblcms2-dev\", reference:\"2.6-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"liblcms2-utils\", reference:\"2.6-3+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T09:06:49", "description": "According to the version of the lcms2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - Little CMS (aka Little Color Management System) 2.9 has\n an integer overflow in the AllocateDataSet function in\n cmscgats.c, leading to a heap-based buffer overflow in\n the SetData function via a crafted file in the second\n argument to cmsIT8LoadFromFile.(CVE-2018-16435)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 4, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2020-10-30T00:00:00", "title": "EulerOS 2.0 SP5 : lcms2 (EulerOS-SA-2020-2286)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "modified": "2020-10-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:lcms2", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-2286.NASL", "href": "https://www.tenable.com/plugins/nessus/142091", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142091);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-16435\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : lcms2 (EulerOS-SA-2020-2286)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the lcms2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - Little CMS (aka Little Color Management System) 2.9 has\n an integer overflow in the AllocateDataSet function in\n cmscgats.c, leading to a heap-based buffer overflow in\n the SetData function via a crafted file in the second\n argument to cmsIT8LoadFromFile.(CVE-2018-16435)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2286\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1e79f9f8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected lcms2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"lcms2-2.6-3.h3.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T01:48:01", "description": "Quang Nguyen discovered an integer overflow in the Little CMS 2 colour\nmanagement library, which could result in denial of service and\npotentially the execution of arbitrary code if a malformed IT8\ncalibration file is processed.", "edition": 23, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2018-09-05T00:00:00", "title": "Debian DSA-4284-1 : lcms2 - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:lcms2", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4284.NASL", "href": "https://www.tenable.com/plugins/nessus/112280", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4284. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(112280);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2018-16435\");\n script_xref(name:\"DSA\", value:\"4284\");\n\n script_name(english:\"Debian DSA-4284-1 : lcms2 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Quang Nguyen discovered an integer overflow in the Little CMS 2 colour\nmanagement library, which could result in denial of service and\npotentially the execution of arbitrary code if a malformed IT8\ncalibration file is processed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/lcms2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/lcms2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4284\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the lcms2 packages.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 2.8-4+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"liblcms2-2\", reference:\"2.8-4+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"liblcms2-dev\", reference:\"2.8-4+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"liblcms2-utils\", reference:\"2.8-4+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-23T16:49:27", "description": "This update for lcms2 fixes the following issues :\n\n - CVE-2018-16435: Heap-based buffer overflow via a crafted\n file in the second argument to cmsIT8LoadFromFile\n (bsc#1108813)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 14, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2019-03-27T00:00:00", "title": "openSUSE Security Update : lcms2 (openSUSE-2019-880)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "modified": "2019-03-27T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:liblcms2-2-32bit-debuginfo", "p-cpe:/a:novell:opensuse:lcms2-debuginfo", "p-cpe:/a:novell:opensuse:liblcms2-2-debuginfo", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:liblcms2-2-32bit", "p-cpe:/a:novell:opensuse:lcms2-debugsource", "p-cpe:/a:novell:opensuse:liblcms2-devel-32bit", "p-cpe:/a:novell:opensuse:liblcms2-devel", "p-cpe:/a:novell:opensuse:lcms2", "p-cpe:/a:novell:opensuse:liblcms2-2"], "id": "OPENSUSE-2019-880.NASL", "href": "https://www.tenable.com/plugins/nessus/123364", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-880.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123364);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2018-16435\");\n\n script_name(english:\"openSUSE Security Update : lcms2 (openSUSE-2019-880)\");\n script_summary(english:\"Check for the openSUSE-2019-880 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for lcms2 fixes the following issues :\n\n - CVE-2018-16435: Heap-based buffer overflow via a crafted\n file in the second argument to cmsIT8LoadFromFile\n (bsc#1108813)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108813\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected lcms2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:lcms2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:lcms2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-2-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:liblcms2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"lcms2-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"lcms2-debuginfo-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"lcms2-debugsource-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"liblcms2-2-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"liblcms2-2-debuginfo-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"liblcms2-devel-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"liblcms2-2-32bit-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"liblcms2-2-32bit-debuginfo-2.9-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"liblcms2-devel-32bit-2.9-lp150.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2 / lcms2-debuginfo / lcms2-debugsource / liblcms2-2 / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:18:42", "description": "Security fix for CVE-2018-16435\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 11, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 29 : lcms2 (2018-6ac39c63c4)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435"], "modified": "2019-01-03T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:29", "p-cpe:/a:fedoraproject:fedora:lcms2"], "id": "FEDORA_2018-6AC39C63C4.NASL", "href": "https://www.tenable.com/plugins/nessus/120500", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-6ac39c63c4.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120500);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-16435\");\n script_xref(name:\"FEDORA\", value:\"2018-6ac39c63c4\");\n\n script_name(english:\"Fedora 29 : lcms2 (2018-6ac39c63c4)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-16435\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-6ac39c63c4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected lcms2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"lcms2-2.9-4.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-14T06:16:03", "description": "This update for lcms2 fixes the following security issues :\n\nCVE-2016-10165: The Type_MLU_Read function allowed remote attackers to\nobtain sensitive information or cause a denial of service via an image\nwith a crafted ICC profile, which triggered an out-of-bounds heap read\n(bsc#1021364).\n\nCVE-2018-16435: A integer overflow was fixed in the AllocateDataSet\nfunction in cmscgats.c, that could lead to a heap-based buffer\noverflow in the SetData function via a crafted file in the second\nargument to cmsIT8LoadFromFile. (bsc#1108813)\n\nEnsure that LUT stages match channel count (bsc#1026649).\n\nsanitize input and output channels on MPE profiles (bsc#1026650).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 21, "cvss3": {"score": 7.1, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}, "published": "2018-10-30T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : lcms2 (SUSE-SU-2018:3545-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-16435", "CVE-2016-10165"], "modified": "2018-10-30T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:liblcms2-2", "p-cpe:/a:novell:suse_linux:lcms2", "p-cpe:/a:novell:suse_linux:lcms2-debuginfo", "p-cpe:/a:novell:suse_linux:lcms2-debugsource", "p-cpe:/a:novell:suse_linux:liblcms2-2-debuginfo", "p-cpe:/a:novell:suse_linux:liblcms2"], "id": "SUSE_SU-2018-3545-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118500", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3545-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118500);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2016-10165\", \"CVE-2018-16435\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : lcms2 (SUSE-SU-2018:3545-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for lcms2 fixes the following security issues :\n\nCVE-2016-10165: The Type_MLU_Read function allowed remote attackers to\nobtain sensitive information or cause a denial of service via an image\nwith a crafted ICC profile, which triggered an out-of-bounds heap read\n(bsc#1021364).\n\nCVE-2018-16435: A integer overflow was fixed in the AllocateDataSet\nfunction in cmscgats.c, that could lead to a heap-based buffer\noverflow in the SetData function via a crafted file in the second\nargument to cmsIT8LoadFromFile. (bsc#1108813)\n\nEnsure that LUT stages match channel count (bsc#1026649).\n\nsanitize input and output channels on MPE profiles (bsc#1026650).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1021364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1026649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1026650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10165/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16435/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183545-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a5ab5393\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-2512=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-2512=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-2512=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lcms2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:lcms2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:liblcms2-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"lcms2-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"lcms2-debuginfo-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"lcms2-debugsource-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"liblcms2-2-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"liblcms2-2-32bit-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"liblcms2-2-debuginfo-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"liblcms2-2-debuginfo-32bit-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"lcms2-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"lcms2-debuginfo-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"lcms2-debugsource-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"liblcms2-2-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"liblcms2-2-32bit-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"liblcms2-2-debuginfo-2.7-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"liblcms2-2-debuginfo-32bit-2.7-9.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"lcms2\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:40:53", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16435", "CVE-2016-10165"], "description": "Ibrahim El-Sayed discovered that Little CMS incorrectly handled certain files. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain files. \nAn attacker could possibly use this issue to execute arbitrary code. \n(CVE-2018-16435)", "edition": 3, "modified": "2018-09-20T00:00:00", "published": "2018-09-20T00:00:00", "id": "USN-3770-1", "href": "https://ubuntu.com/security/notices/USN-3770-1", "title": "Little CMS vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-07-02T11:37:47", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4276", "CVE-2018-16435", "CVE-2016-10165"], "description": "USN-3770-1 fixed a vulnerability in Little CMS. This update provides \nthe corresponding update for Ubuntu 12.04 ESM.\n\nOriginal advisory details:\n\nPedro Ribeiro discoreved that Little CMS incorrectly handled certain files. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2013-4276)\n\nIbrahim El-Sayed discovered that Little CMS incorrectly handled certain files. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain files. \nAn attacker could possibly use this issue to execute arbitrary code. \n(CVE-2018-16435)", "edition": 4, "modified": "2018-09-20T00:00:00", "published": "2018-09-20T00:00:00", "id": "USN-3770-2", "href": "https://ubuntu.com/security/notices/USN-3770-2", "title": "Little CMS vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:54", "bulletinFamily": "software", "cvelist": ["CVE-2018-16435", "CVE-2016-10165"], "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n * Canonical Ubuntu 18.04\n\n# Description\n\nIbrahim El-Sayed discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2016-10165)\n\nQuang Nguyen discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-16435)\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.238.0\n * All versions of Cloud Foundry cflinuxfs3 prior to 0.25.0\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.238.0 or later.\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.25.0 or later.\n\n# References\n\n * [USN-3770-1](<https://usn.ubuntu.com/3770-1>)\n * [CVE-2016-10165](<https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10165>)\n * [CVE-2018-16435](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-16435>)\n", "edition": 2, "modified": "2018-09-25T00:00:00", "published": "2018-09-25T00:00:00", "id": "CFOUNDRY:AFE5A77EBE4E39A2F02201C20DDD401B", "href": "https://www.cloudfoundry.org/blog/usn-3770-1/", "title": "USN-3770-1: Little CMS vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:47:05", "bulletinFamily": "unix", "cvelist": ["CVE-2018-16435", "CVE-2018-17462", "CVE-2018-17463", "CVE-2018-17464", "CVE-2018-17465", "CVE-2018-17466", "CVE-2018-17467", "CVE-2018-17468", "CVE-2018-17469", "CVE-2018-17470", "CVE-2018-17471", "CVE-2018-17473", "CVE-2018-17474", "CVE-2018-17475", "CVE-2018-17476", "CVE-2018-17477", "CVE-2018-5179"], "description": "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 70.0.3538.67.\n\nSecurity Fix(es):\n\n* chromium-browser: Sandbox escape in AppCache (CVE-2018-17462)\n\n* chromium-browser: Remote code execution in V8 (CVE-2018-17463)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17464)\n\n* chromium-browser: Use after free in V8 (CVE-2018-17465)\n\n* chromium-browser: Memory corruption in Angle (CVE-2018-17466)\n\n* lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow (CVE-2018-16435)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17467)\n\n* chromium-browser: Cross-origin URL disclosure in Blink (CVE-2018-17468)\n\n* chromium-browser: Heap buffer overflow in PDFium (CVE-2018-17469)\n\n* chromium-browser: Memory corruption in GPU Internals (CVE-2018-17470)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17471)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17473)\n\n* chromium-browser: Use after free in Blink (CVE-2018-17474)\n\n* chromium-browser: Lack of limits on update() in ServiceWorker (CVE-2018-5179)\n\n* chromium-browser: URL spoof in Omnibox (CVE-2018-17475)\n\n* chromium-browser: Security UI occlusion in full screen mode (CVE-2018-17476)\n\n* chromium-browser: UI spoof in Extensions (CVE-2018-17477)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2018-10-25T00:57:50", "published": "2018-10-25T00:52:49", "id": "RHSA-2018:3004", "href": "https://access.redhat.com/errata/RHSA-2018:3004", "type": "redhat", "title": "(RHSA-2018:3004) Important: chromium-browser security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}

Fedora 27 : lcms2 (2018-3e9f26489b)

Description

Security fix for CVE-2018-16435 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Security fix for CVE-2018-16435

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.