Lucene search
Copyright (C) 2022 Greenbone AGOPENVAS:13614125623111020130332HistoryJan 28, 2022 - 12:00 a.m.
Mageia: Security Advisory (MGASA-2013-0332)
2022-01-2800:00:00
Copyright (C) 2022 Greenbone AG
plugins.openvas.org
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.10.2013.0332");
script_cve_id("CVE-2013-4473", "CVE-2013-4474");
script_tag(name:"creation_date", value:"2022-01-28 10:58:44 +0000 (Fri, 28 Jan 2022)");
script_version("2024-02-02T05:06:08+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:08 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Mageia: Security Advisory (MGASA-2013-0332)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Mageia Linux Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA(2|3)");
script_xref(name:"Advisory-ID", value:"MGASA-2013-0332");
script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2013-0332.html");
script_xref(name:"URL", value:"https://lists.fedoraproject.org/pipermail/package-announce/2013-November/121297.html");
script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=11560");
script_tag(name:"summary", value:"The remote host is missing an update for the 'poppler' package(s) announced via the MGASA-2013-0332 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Updated poppler packages fix security vulnerabilities:
Poppler is found to be affected by a stack based buffer overflow vulnerability
in the pdfseparate utility. Successfully exploiting this issue could allow
remote attackers to execute arbitrary code in the context of the affected
application. Failed exploits may result in denial-of-service conditions
(CVE-2013-4473).
Poppler was found to have a user controlled format string vulnerability because
it fails to sanitize user-supplied input. An attacker may exploit this issue to
execute arbitrary code in the context of the vulnerable application. Failed
exploit attempts will likely result in a denial-of-service condition
(CVE-2013-4474).");
script_tag(name:"affected", value:"'poppler' package(s) on Mageia 2, Mageia 3.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "MAGEIA2") {
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-cpp-devel", rpm:"lib64poppler-cpp-devel~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-cpp0", rpm:"lib64poppler-cpp0~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-devel", rpm:"lib64poppler-devel~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-gir0.18", rpm:"lib64poppler-gir0.18~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-glib-devel", rpm:"lib64poppler-glib-devel~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-glib8", rpm:"lib64poppler-glib8~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-qt4-3", rpm:"lib64poppler-qt4-3~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-qt4-devel", rpm:"lib64poppler-qt4-devel~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler19", rpm:"lib64poppler19~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-cpp-devel", rpm:"libpoppler-cpp-devel~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-cpp0", rpm:"libpoppler-cpp0~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-devel", rpm:"libpoppler-devel~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-gir0.18", rpm:"libpoppler-gir0.18~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-glib-devel", rpm:"libpoppler-glib-devel~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-glib8", rpm:"libpoppler-glib8~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-qt4-3", rpm:"libpoppler-qt4-3~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-qt4-devel", rpm:"libpoppler-qt4-devel~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler19", rpm:"libpoppler19~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"poppler", rpm:"poppler~0.18.4~2.3.mga2", rls:"MAGEIA2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "MAGEIA3") {
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-cpp-devel", rpm:"lib64poppler-cpp-devel~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-cpp0", rpm:"lib64poppler-cpp0~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-devel", rpm:"lib64poppler-devel~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-gir0.18", rpm:"lib64poppler-gir0.18~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-glib-devel", rpm:"lib64poppler-glib-devel~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-glib8", rpm:"lib64poppler-glib8~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-qt4-devel", rpm:"lib64poppler-qt4-devel~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler-qt4_4", rpm:"lib64poppler-qt4_4~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64poppler34", rpm:"lib64poppler34~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-cpp-devel", rpm:"libpoppler-cpp-devel~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-cpp0", rpm:"libpoppler-cpp0~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-devel", rpm:"libpoppler-devel~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-gir0.18", rpm:"libpoppler-gir0.18~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-glib-devel", rpm:"libpoppler-glib-devel~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-glib8", rpm:"libpoppler-glib8~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-qt4-devel", rpm:"libpoppler-qt4-devel~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler-qt4_4", rpm:"libpoppler-qt4_4~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libpoppler34", rpm:"libpoppler34~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"poppler", rpm:"poppler~0.22.1~1.1.mga3", rls:"MAGEIA3"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
openvas
openvas
Fedora Update for poppler FEDORA-2013-20443
2013-11-18 00:00:00
Fedora Update for poppler FEDORA-2013-20443
2013-11-18 00:00:00
Gentoo Security Advisory GLSA 201401-21
2015-09-29 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: poppler-0.22.1-5.fc19
2013-11-11 02:25:06
[SECURITY] Fedora 18 Update: poppler-0.20.2-17.fc18
2013-11-16 07:15:50
securityvulns
securityvulns
[ MDVSA-2013:272 ] poppler
2013-11-26 00:00:00
poppler security vulnerabilities
2013-11-26 00:00:00
nessus
nessus
Fedora 18 : poppler-0.20.2-17.fc18 (2013-20410)
2013-11-18 00:00:00
Mandriva Linux Security Advisory : poppler (MDVSA-2013:272)
2013-11-22 00:00:00
Fedora 19 : poppler-0.22.1-5.fc19 (2013-20443)
2013-11-11 00:00:00
mageia
mageia
Updated poppler packages fix multiple vulnerabilities
2013-11-21 00:28:35
ubuntu
ubuntu
poppler vulnerabilities
2016-05-02 00:00:00
gentoo
gentoo
Poppler: Multiple vulnerabilities
2014-01-21 00:00:00
cvelist
cvelist
CVE-2013-4474
2013-11-23 11:00:00
CVE-2013-4473
2013-11-23 11:00:00
ubuntucve
ubuntucve
CVE-2013-4474
2013-11-23 00:00:00
CVE-2013-4473
2013-11-23 00:00:00
debian
debian
[SECURITY] [DLA 1074-1] poppler security update
2017-08-29 16:58:03
prion
prion
Format string
2013-11-23 11:55:00
Stack overflow
2013-11-23 11:55:00
debiancve
debiancve
CVE-2013-4474
2013-11-23 11:55:00
CVE-2013-4473
2013-11-23 11:55:00
cve
cve
CVE-2013-4474
2013-11-23 11:55:00
CVE-2013-4473
2013-11-23 11:55:00
osv
osv
poppler - security update
2017-08-29 00:00:00
f5
f5
SOL81732330 - Poppler vulnerability CVE-2013-4473
2016-07-05 00:00:00
K81732330 : Poppler vulnerability CVE-2013-4473
2016-07-05 00:00:00
7.7 High
AI Score
Confidence
High
0.306 Low
EPSS
Percentile
96.9%
Related for OPENVAS:13614125623111020130332