13 matches found
Oracle Linux 7 : GNOME (ELSA-2018-3140)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3140 advisory. - Backport upstream patch for CVE-2018-12910 - Crash in soupcookiejar.c: getcookies on empty hostnames - Security fix for CVE-2018-15120 - Fix crash wh...
SUSE CVE-2018-10767
There is a stack-based buffer over-read in calling GLib in the function gxpsimagesguesscontenttype of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a ginputstreamread call. A crafted input will lead to a remote denial of service attack...
Advisory ROSA-SA-2021-1872
Software: libgxps 0.3.0 OS: Cobalt 7.9 CVE-ID: CVE-2018-10733 CVE-Crit: MEDIUM CVE-DESC: There is a heap-based buffer overflow in the ftfontfacehash function of the gxps-fonts.c file in libgxps before version 0.3.0. The input created will result in a remote denial of service attack. CVE-STATUS:...
Huawei EulerOS: Security Advisory for libgxps (EulerOS-SA-2020-1401)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : libgxps Multiple Vulnerabilities (NS-SA-2019-0044)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libgxps packages installed that are affected by multiple vulnerabilities: - There is a heap-based buffer over-read in the function ftfontfacehash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remo...
CentOS Update for gdm CESA-2018:3140 centos7
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : GNOME on SL7.x x86_64 (20181030)
Security Fixes : - libsoup: Crash in soupcookiejar.c:getcookies on empty hostnames CVE-2018-12910 - poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph function allows denial of service CVE-2017-18267 - libgxps: heap based buffer over read in ftfontfacehash function of...
CentOS 7 : PackageKit / accountsservice / adwaita-icon-theme / appstream-data / at-spi2-atk / etc (CESA-2018:3140)
An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links ...
PackageKit, accountsservice, adwaita, appstream, at, atk, baobab, bolt, brasero, cairo, cheese, clutter, compat, control, dconf, devhelp, ekiga, empathy, eog, evince, evolution, file, flatpak, folks, fontconfig, freetype, fribidi, fwupd, fwupdate, gcr, gdk, gdm, gedit, geoclue2, geocode, gjs, glade, glib, glib2, glibmm24, gnome, gnote, gobject, gom, google, grilo, gsettings, gspell, gssdp, gstreamer1, gtk, gtk3, gtksourceview3, gucharmap, gupnp, gvfs, harfbuzz, json, libappstream, libchamplain, libcroco, libgdata, libgee, libgepub, libgexiv2, libgnomekbd, libgovirt, libgtop2, libgweather, libgxps, libical, libmediaart, libosinfo, libpeas, librsvg2, libsecret, libsoup, libwayland, libwnck3, mozjs52, mutter, nautilus, openchange, osinfo, pango, poppler, python2, rest, rhythmbox, seahorse, shotwell, sushi, totem, upower, vala, valadoc, vino, vte, vte291, wayland, webkitgtk4, xdg, yelp, zenity security update
CentOS Errata and Security Advisory CESA-2018:3140 An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Fedora 27 : libgxps (2018-46f3f13c68)
Add patch for CVE-2018-10767 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora Update for libgxps FEDORA-2018-46f3f13c68
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-10767
There is a stack-based buffer over-read in calling GLib in the function gxpsimagesguesscontenttype of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a ginputstreamread call. A crafted input will lead to a remote denial of service attack...
CVE-2018-10767
CVE-2018-10767 is a vulnerability in libgxps up to version 0.3.0, caused by a stack-based buffer over-read in gxps_images_guess_content_type (gxps-images.c) when negative return values from g_input_stream_read are not rejected. A crafted input can trigger a remote denial of service. The connected...