Rapid7 Vulnerability & Exploit Database

Oracle Solaris 11: CVE-2018-14550 (11.4 SRU 30.88.3)

Back to Search

Oracle Solaris 11: CVE-2018-14550 (11.4 SRU 30.88.3)

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
07/10/2019
Created
02/18/2021
Added
02/17/2021
Modified
11/17/2021

Description

An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.

Solution(s)

  • oracle-solaris-11-4-upgrade-value-codec-libtheora-1-1-1-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-desktop-pdf-viewer-gsx-9-53-3-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-desktop-pdf-viewer-poppler-viewer-20-10-0-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-editor-gnu-emacs-26-3-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-editor-gnu-emacs-gnu-emacs-gtk-26-3-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-editor-gnu-emacs-gnu-emacs-lisp-26-3-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-editor-gnu-emacs-gnu-emacs-no-x11-26-3-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-editor-gnu-emacs-gnu-emacs-x11-26-3-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-image-ghostscript-9-53-3-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-image-gnuplot-5-2-2-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-image-imagemagick-6-9-10-91-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-image-library-libpng16-1-6-37-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-image-library-libwebp-1-1-0-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-image-library-openjpeg2-2-3-1-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-image-rrdtool-1-7-0-11-4-30-0-0-88-0
  • oracle-solaris-11-4-upgrade-value-image-xcursorgen-1-0-7-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-library-desktop-gdk-pixbuf-2-39-2-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-library-desktop-gstreamer-1-gst-plugins-base-1-16-2-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-library-desktop-gstreamer-1-gst-plugins-good-1-16-2-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-library-desktop-libgxps-0-3-1-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-library-desktop-qt5-5-12-9-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-library-desktop-search-tracker-2-3-2-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-library-desktop-webkitgtk4-2-30-3-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-library-gd-2-2-5-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-library-graphics-pixman-0-38-4-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-library-graphics-wxwidgets-3-0-3-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-print-filter-poppler-20-10-0-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-system-library-freetype-2-2-10-4-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-web-analytics-webalizer-2-23-8-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-web-php-73-7-3-23-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-web-php-74-7-4-11-11-4-30-0-1-88-0
  • oracle-solaris-11-4-upgrade-value-x11-library-toolkit-fltk-1-3-5-11-4-30-0-1-88-0

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;