Summary
The remote host is missing an update to jasper
announced via advisory FEDORA-2009-10761.
Solution
Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update jasper' at the command line.
For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-10761
Insight
ChangeLog:
* Tue Oct 13 2009 Rex Dieter - 1.900.1-13
- CVE-2008-3520 jasper: multiple integer overflows in jas_alloc calls (#461476) - CVE-2008-3522 jasper: possible buffer overflow in jas_stream_printf() (#461478)
References
Severity
Classification
-
CVE CVE-2008-3520, CVE-2008-3522 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities