Lucene search
Copyright (C) 2012 E-Soft Inc.OPENVAS:136141256231071583HistoryAug 10, 2012 - 12:00 a.m.
Gentoo Security Advisory GLSA 201206-16 (TagLib)
2012-08-1000:00:00
Copyright (C) 2012 E-Soft Inc.
plugins.openvas.org
6
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
Low
0.014 Low
EPSS
Percentile
86.3%
The remote host is missing updates announced in
advisory GLSA 201206-16.
# SPDX-FileCopyrightText: 2012 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.71583");
script_cve_id("CVE-2012-1107", "CVE-2012-1108", "CVE-2012-1584");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_version("2023-07-18T05:05:36+0000");
script_tag(name:"last_modification", value:"2023-07-18 05:05:36 +0000 (Tue, 18 Jul 2023)");
script_tag(name:"creation_date", value:"2012-08-10 03:22:56 -0400 (Fri, 10 Aug 2012)");
script_name("Gentoo Security Advisory GLSA 201206-16 (TagLib)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2012 E-Soft Inc.");
script_family("Gentoo Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
script_tag(name:"insight", value:"Multiple vulnerabilities have been found in TagLib, possibly
resulting in Denial of Service.");
script_tag(name:"solution", value:"All TagLib users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/taglib-1.7.1'
Packages which depend on this library may need to be recompiled. Tools
such as revdep-rebuild may assist in identifying some of these
packages.");
script_xref(name:"URL", value:"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-16");
script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=407673");
script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=410953");
script_tag(name:"summary", value:"The remote host is missing updates announced in
advisory GLSA 201206-16.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-gentoo.inc");
include("revisions-lib.inc");
res = "";
report = "";
if((res = ispkgvuln(pkg:"media-libs/taglib", unaffected: make_list("ge 1.7.1"), vulnerable: make_list("lt 1.7.1"))) != NULL ) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
Related
openvas
openvas
Fedora Update for taglib FEDORA-2012-4291
2012-04-11 00:00:00
Fedora Update for taglib FEDORA-2012-4268
2012-04-11 00:00:00
Fedora Update for taglib FEDORA-2012-4184
2012-08-30 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: taglib-1.7.1-1.fc15
2012-04-06 21:30:11
[SECURITY] Fedora 16 Update: taglib-1.7.1-1.fc16
2012-04-06 21:29:27
[SECURITY] Fedora 17 Update: taglib-1.7.1-1.fc17
2012-04-12 03:24:20
nessus
nessus
Fedora 17 : taglib-1.7.1-1.fc17 (2012-4184)
2012-04-12 00:00:00
openSUSE Security Update : taglib (openSUSE-SU-2012:0490-1)
2014-06-13 00:00:00
Fedora 16 : taglib-1.7.1-1.fc16 (2012-4291)
2012-04-09 00:00:00
gentoo
gentoo
TagLib: Multiple vulnerabilities
2012-06-22 00:00:00
prion
prion
Integer overflow
2012-09-06 18:55:00
Design/Logic Flaw
2012-09-06 18:55:00
Design/Logic Flaw
2012-09-06 18:55:00
cvelist
cvelist
nvd
nvd
cve
cve
ubuntucve
ubuntucve
debiancve
debiancve
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
Low
0.014 Low
EPSS
Percentile
86.3%
Related for OPENVAS:136141256231071583