Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Mandrake Local Security Checks --> Category: infos

MDKSA-2005:143: kdegraphics Vulnerability Scan


Vulnerability Scan Summary
Check for the version of the kdegraphics package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory MDKSA-2005:143 (kdegraphics).



Wouter Hanegraaff discovered that the TIFF library did not sufficiently
validate the 'YCbCr subsampling' value in TIFF image headers. Decoding a
malicious image with a zero value resulted in an arithmetic exception, which
can cause a program that uses the TIFF library to crash.

Kdegraphics < 3.3 uses an embedded libtiff source tree for kfax, and as such
has the same vulnerability.

The updated packages are patched to protect against this vulnerability.



Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:143
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.