openSUSE 安全性更新:librsvg (openSUSE-SU-2013:1786-1)
medium Nessus Plugin ID 75217
語系:
概要
遠端 openSUSE 主機缺少安全性更新。說明
librsvg 已更新,修正了一個拒絕納入 XML 外部實體的問題,其中系統上的檔案可能會匯入 SVG。(CVE-2013-1881)
解決方案
更新受影響的 librsvg 套件。另請參閱
https://bugzilla.novell.com/show_bug.cgi?id=840753
https://lists.opensuse.org/opensuse-updates/2013-11/msg00114.html
Plugin 詳細資訊
嚴重性: Medium
ID: 75217
檔案名稱: openSUSE-2013-912.nasl
版本: 1.5
類型: local
代理程式: unix
已發布: 2014/6/13
已更新: 2021/1/19
支援的感應器: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus
風險資訊
VPR
風險因素: Low
分數: 3.6
CVSS v2
風險因素: Medium
基本分數: 4.3
時間分數: 3.2
媒介: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N
弱點資訊
CPE: p-cpe:/a:novell:opensuse:gtk3-devel-32bit, p-cpe:/a:novell:opensuse:gtk3-devel-debuginfo, p-cpe:/a:novell:opensuse:gtk3-devel-debuginfo-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-amharic, p-cpe:/a:novell:opensuse:gtk3-immodule-amharic-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-amharic-debuginfo, p-cpe:/a:novell:opensuse:gtk3-immodule-amharic-debuginfo-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-inuktitut, p-cpe:/a:novell:opensuse:gtk3-immodule-inuktitut-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-inuktitut-debuginfo, p-cpe:/a:novell:opensuse:gtk3-immodule-inuktitut-debuginfo-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-multipress, p-cpe:/a:novell:opensuse:gtk3-immodule-multipress-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-multipress-debuginfo, p-cpe:/a:novell:opensuse:gtk3-immodule-multipress-debuginfo-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-thai, p-cpe:/a:novell:opensuse:gtk3-immodule-thai-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-thai-debuginfo, p-cpe:/a:novell:opensuse:gtk3-immodule-thai-debuginfo-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-vietnamese, p-cpe:/a:novell:opensuse:gtk3-immodule-vietnamese-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-vietnamese-debuginfo, p-cpe:/a:novell:opensuse:gtk3-immodule-vietnamese-debuginfo-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-xim, p-cpe:/a:novell:opensuse:gtk3-immodule-xim-32bit, p-cpe:/a:novell:opensuse:gtk3-immodule-xim-debuginfo, p-cpe:/a:novell:opensuse:gtk3-immodule-xim-debuginfo-32bit, p-cpe:/a:novell:opensuse:gtk3-immodules-tigrigna, p-cpe:/a:novell:opensuse:gtk3-immodules-tigrigna-32bit, p-cpe:/a:novell:opensuse:gtk3-immodules-tigrigna-debuginfo, p-cpe:/a:novell:opensuse:gtk3-immodules-tigrigna-debuginfo-32bit, p-cpe:/a:novell:opensuse:gtk3-lang, p-cpe:/a:novell:opensuse:gtk3-tools, p-cpe:/a:novell:opensuse:gtk3-tools-32bit, p-cpe:/a:novell:opensuse:gtk3-tools-debuginfo, p-cpe:/a:novell:opensuse:gtk3-tools-debuginfo-32bit, p-cpe:/a:novell:opensuse:libgtk-3-0, p-cpe:/a:novell:opensuse:libgtk-3-0-32bit, p-cpe:/a:novell:opensuse:libgtk-3-0-debuginfo, p-cpe:/a:novell:opensuse:libgtk-3-0-debuginfo-32bit, p-cpe:/a:novell:opensuse:librsvg-2-2, p-cpe:/a:novell:opensuse:librsvg-2-2-32bit, p-cpe:/a:novell:opensuse:librsvg-2-2-debuginfo, p-cpe:/a:novell:opensuse:librsvg-2-2-debuginfo-32bit, p-cpe:/a:novell:opensuse:librsvg-debugsource, p-cpe:/a:novell:opensuse:librsvg-devel, p-cpe:/a:novell:opensuse:rsvg-view, p-cpe:/a:novell:opensuse:rsvg-view-debuginfo, p-cpe:/a:novell:opensuse:typelib-1_0-gtk-3_0, p-cpe:/a:novell:opensuse:typelib-1_0-rsvg-2_0, cpe:/o:novell:opensuse:12.2, cpe:/o:novell:opensuse:12.3, p-cpe:/a:novell:opensuse:gdk-pixbuf-loader-rsvg, p-cpe:/a:novell:opensuse:gdk-pixbuf-loader-rsvg-32bit, p-cpe:/a:novell:opensuse:gdk-pixbuf-loader-rsvg-debuginfo, p-cpe:/a:novell:opensuse:gdk-pixbuf-loader-rsvg-debuginfo-32bit, p-cpe:/a:novell:opensuse:gtk2-engine-svg, p-cpe:/a:novell:opensuse:gtk2-engine-svg-32bit, p-cpe:/a:novell:opensuse:gtk2-engine-svg-debuginfo, p-cpe:/a:novell:opensuse:gtk2-engine-svg-debuginfo-32bit, p-cpe:/a:novell:opensuse:gtk3-branding-upstream, p-cpe:/a:novell:opensuse:gtk3-data, p-cpe:/a:novell:opensuse:gtk3-debugsource, p-cpe:/a:novell:opensuse:gtk3-devel
必要的 KB 項目: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
可輕鬆利用: No known exploits are available
修補程式發佈日期: 2013/12/12
參考資訊
CVE: CVE-2013-1881
BID: 62714