RHEL 7:GNOME(RHSA-2018:3140)

critical Nessus プラグイン ID 118726

概要

リモートのRed Hatホストに1つ以上のセキュリティ更新プログラムがありません。

説明

更新プログラムが、Red Hat Enterprise Linux 7で利用可能になりました。Red Hat製品セキュリティは、この更新がセキュリティに及ぼす影響を重要度中と評価しています。詳細な重要度評価を示すCVSS(共通脆弱性評価システム)ベーススコアは、「参照」セクションのCVEリンクから脆弱性ごとに入手できます。GNOMEはRed Hat Enterprise Linuxのデフォルトのデスクトップ環境です。セキュリティ修正プログラム:* libsoup:空のホストネームでのsoup_cookie_jar.c:get_cookies()のクラッシュ(CVE-2018-12910)* poppler:fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph()関数の無限再帰によるサービス拒否の可能性があります(CVE-2017-18267)* libgxps:gxps-fonts.cのft_font_face_hash関数でヒープベースのバッファオーバーリード(CVE-2018-10733)* libgxps:gcontenttype.cのgxps_images_guess_content_typeのGLib呼び出しにおけるスタックベースのバッファオーバーフロー(CVE-2018-10767)* poppler:Annot.h:AnnotPath::getCoordsLength()のNULLポインターデリファレンスにより、細工されたPDFを使用してサービス拒否を引き起こされる可能性があります(CVE-2018-10768)* poppler:pdfuniteで領域外読み取り(CVE-2018-13988)影響、CVSSスコア、その他の関連情報を含むセキュリティの問題の詳細については、「参照」セクションに記載されているCVEのページを参照してください。Red Hatは、CVE-2018-10733とCVE-2018-10767を報告してくれたchenyuan氏(NESA Lab)とCVE-2018-13988を報告してくれたHosein Askari氏に感謝の意を表します。追加の変更:このリリースの変更に関する詳細については、「参照」セクションにリンクされている『Red Hat Enterprise Linux 7.6リリースノート』を参照してください。

ソリューション

影響を受けるパッケージを更新してください。

参考資料

https://access.redhat.com/errata/RHSA-2018:3140

https://access.redhat.com/security/cve/CVE-2015-9381

https://access.redhat.com/security/cve/CVE-2015-9382

https://access.redhat.com/security/cve/CVE-2017-18267

https://access.redhat.com/security/cve/CVE-2017-2862

https://access.redhat.com/security/cve/CVE-2018-10733

https://access.redhat.com/security/cve/CVE-2018-10767

https://access.redhat.com/security/cve/CVE-2018-10768

https://access.redhat.com/security/cve/CVE-2018-11712

https://access.redhat.com/security/cve/CVE-2018-11713

https://access.redhat.com/security/cve/CVE-2018-12910

https://access.redhat.com/security/cve/CVE-2018-13988

https://access.redhat.com/security/cve/CVE-2018-14036

https://access.redhat.com/security/cve/CVE-2018-4121

https://access.redhat.com/security/cve/CVE-2018-4200

https://access.redhat.com/security/cve/CVE-2018-4204

https://bugzilla.redhat.com/1488817

https://bugzilla.redhat.com/1576111

https://bugzilla.redhat.com/1576169

https://bugzilla.redhat.com/1576175

https://bugzilla.redhat.com/1577374

https://bugzilla.redhat.com/1577385

https://bugzilla.redhat.com/1577387

https://bugzilla.redhat.com/1578777

https://bugzilla.redhat.com/1588739

https://bugzilla.redhat.com/1588742

https://bugzilla.redhat.com/1597980

https://bugzilla.redhat.com/1601019

https://bugzilla.redhat.com/1602838

https://bugzilla.redhat.com/1752788

https://bugzilla.redhat.com/1763609

プラグインの詳細

深刻度: Critical

ID: 118726

ファイル名: redhat-RHSA-2018-3140.nasl

バージョン: 1.8

タイプ: local

エージェント: unix

公開日: 2018/11/5

更新日: 2023/8/15

サポートされているセンサー: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

リスク情報

VPR

リスクファクター: Medium

スコア: 6.7

CVSS v2

リスクファクター: High

Base Score: 7.5

Temporal Score: 5.9

ベクトル: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS スコアのソース: CVE-2018-12910

CVSS v3

リスクファクター: Critical

Base Score: 9.8

Temporal Score: 8.8

ベクトル: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

現状ベクトル: CVSS:3.0/E:P/RL:O/RC:C

脆弱性情報

CPE: p-cpe:/a:redhat:enterprise_linux:dconf, p-cpe:/a:redhat:enterprise_linux:dconf-debuginfo, p-cpe:/a:redhat:enterprise_linux:dconf-devel, p-cpe:/a:redhat:enterprise_linux:dconf-editor, p-cpe:/a:redhat:enterprise_linux:dconf-editor-debuginfo, p-cpe:/a:redhat:enterprise_linux:devhelp, p-cpe:/a:redhat:enterprise_linux:devhelp-debuginfo, p-cpe:/a:redhat:enterprise_linux:devhelp-devel, p-cpe:/a:redhat:enterprise_linux:devhelp-libs, p-cpe:/a:redhat:enterprise_linux:ekiga, p-cpe:/a:redhat:enterprise_linux:ekiga-debuginfo, p-cpe:/a:redhat:enterprise_linux:empathy, p-cpe:/a:redhat:enterprise_linux:empathy-debuginfo, p-cpe:/a:redhat:enterprise_linux:eog, p-cpe:/a:redhat:enterprise_linux:eog-debuginfo, p-cpe:/a:redhat:enterprise_linux:eog-devel, p-cpe:/a:redhat:enterprise_linux:evince, p-cpe:/a:redhat:enterprise_linux:evince-browser-plugin, p-cpe:/a:redhat:enterprise_linux:evince-debuginfo, p-cpe:/a:redhat:enterprise_linux:evince-devel, p-cpe:/a:redhat:enterprise_linux:evince-dvi, p-cpe:/a:redhat:enterprise_linux:packagekit, p-cpe:/a:redhat:enterprise_linux:packagekit-command-not-found, p-cpe:/a:redhat:enterprise_linux:packagekit-cron, p-cpe:/a:redhat:enterprise_linux:packagekit-debuginfo, p-cpe:/a:redhat:enterprise_linux:packagekit-glib, p-cpe:/a:redhat:enterprise_linux:packagekit-glib-devel, p-cpe:/a:redhat:enterprise_linux:packagekit-gstreamer-plugin, p-cpe:/a:redhat:enterprise_linux:packagekit-gtk3-module, p-cpe:/a:redhat:enterprise_linux:packagekit-yum, p-cpe:/a:redhat:enterprise_linux:packagekit-yum-plugin, p-cpe:/a:redhat:enterprise_linux:accountsservice, p-cpe:/a:redhat:enterprise_linux:accountsservice-debuginfo, p-cpe:/a:redhat:enterprise_linux:accountsservice-devel, p-cpe:/a:redhat:enterprise_linux:accountsservice-libs, p-cpe:/a:redhat:enterprise_linux:adwaita-cursor-theme, p-cpe:/a:redhat:enterprise_linux:adwaita-gtk2-theme, p-cpe:/a:redhat:enterprise_linux:adwaita-icon-theme, p-cpe:/a:redhat:enterprise_linux:adwaita-icon-theme-devel, p-cpe:/a:redhat:enterprise_linux:appstream-data, p-cpe:/a:redhat:enterprise_linux:at-spi2-atk, p-cpe:/a:redhat:enterprise_linux:at-spi2-atk-debuginfo, p-cpe:/a:redhat:enterprise_linux:at-spi2-atk-devel, p-cpe:/a:redhat:enterprise_linux:at-spi2-core, p-cpe:/a:redhat:enterprise_linux:at-spi2-core-debuginfo, p-cpe:/a:redhat:enterprise_linux:at-spi2-core-devel, p-cpe:/a:redhat:enterprise_linux:atk, p-cpe:/a:redhat:enterprise_linux:atk-debuginfo, p-cpe:/a:redhat:enterprise_linux:atk-devel, p-cpe:/a:redhat:enterprise_linux:baobab, p-cpe:/a:redhat:enterprise_linux:baobab-debuginfo, p-cpe:/a:redhat:enterprise_linux:bolt, p-cpe:/a:redhat:enterprise_linux:bolt-debuginfo, p-cpe:/a:redhat:enterprise_linux:brasero, p-cpe:/a:redhat:enterprise_linux:brasero-debuginfo, p-cpe:/a:redhat:enterprise_linux:brasero-devel, p-cpe:/a:redhat:enterprise_linux:brasero-libs, p-cpe:/a:redhat:enterprise_linux:brasero-nautilus, p-cpe:/a:redhat:enterprise_linux:cairo, p-cpe:/a:redhat:enterprise_linux:cairo-debuginfo, p-cpe:/a:redhat:enterprise_linux:cairo-devel, p-cpe:/a:redhat:enterprise_linux:cairo-gobject, p-cpe:/a:redhat:enterprise_linux:cairo-gobject-devel, p-cpe:/a:redhat:enterprise_linux:cairo-tools, p-cpe:/a:redhat:enterprise_linux:cheese, p-cpe:/a:redhat:enterprise_linux:cheese-debuginfo, p-cpe:/a:redhat:enterprise_linux:cheese-libs, p-cpe:/a:redhat:enterprise_linux:cheese-libs-devel, p-cpe:/a:redhat:enterprise_linux:clutter-gst3, p-cpe:/a:redhat:enterprise_linux:clutter-gst3-debuginfo, p-cpe:/a:redhat:enterprise_linux:clutter-gst3-devel, p-cpe:/a:redhat:enterprise_linux:compat-exiv2-023, p-cpe:/a:redhat:enterprise_linux:compat-exiv2-023-debuginfo, p-cpe:/a:redhat:enterprise_linux:compat-libical1, p-cpe:/a:redhat:enterprise_linux:control-center, p-cpe:/a:redhat:enterprise_linux:control-center-debuginfo, p-cpe:/a:redhat:enterprise_linux:control-center-filesystem, p-cpe:/a:redhat:enterprise_linux:fontconfig-devel-doc, p-cpe:/a:redhat:enterprise_linux:freetype, p-cpe:/a:redhat:enterprise_linux:freetype-debuginfo, p-cpe:/a:redhat:enterprise_linux:freetype-demos, p-cpe:/a:redhat:enterprise_linux:freetype-devel, p-cpe:/a:redhat:enterprise_linux:fribidi, p-cpe:/a:redhat:enterprise_linux:fribidi-debuginfo, p-cpe:/a:redhat:enterprise_linux:fribidi-devel, p-cpe:/a:redhat:enterprise_linux:fwupd, p-cpe:/a:redhat:enterprise_linux:fwupd-debuginfo, p-cpe:/a:redhat:enterprise_linux:fwupd-devel, p-cpe:/a:redhat:enterprise_linux:evince-libs, p-cpe:/a:redhat:enterprise_linux:evince-nautilus, p-cpe:/a:redhat:enterprise_linux:evolution, p-cpe:/a:redhat:enterprise_linux:evolution-bogofilter, p-cpe:/a:redhat:enterprise_linux:evolution-data-server, p-cpe:/a:redhat:enterprise_linux:evolution-data-server-debuginfo, p-cpe:/a:redhat:enterprise_linux:evolution-data-server-devel, p-cpe:/a:redhat:enterprise_linux:evolution-data-server-doc, p-cpe:/a:redhat:enterprise_linux:evolution-data-server-langpacks, p-cpe:/a:redhat:enterprise_linux:evolution-data-server-perl, p-cpe:/a:redhat:enterprise_linux:evolution-data-server-tests, p-cpe:/a:redhat:enterprise_linux:evolution-debuginfo, p-cpe:/a:redhat:enterprise_linux:evolution-devel, p-cpe:/a:redhat:enterprise_linux:evolution-devel-docs, p-cpe:/a:redhat:enterprise_linux:evolution-ews, p-cpe:/a:redhat:enterprise_linux:evolution-ews-debuginfo, p-cpe:/a:redhat:enterprise_linux:evolution-ews-langpacks, p-cpe:/a:redhat:enterprise_linux:evolution-help, p-cpe:/a:redhat:enterprise_linux:evolution-langpacks, p-cpe:/a:redhat:enterprise_linux:evolution-mapi, p-cpe:/a:redhat:enterprise_linux:evolution-mapi-debuginfo, p-cpe:/a:redhat:enterprise_linux:evolution-mapi-langpacks, p-cpe:/a:redhat:enterprise_linux:fwupdate, p-cpe:/a:redhat:enterprise_linux:fwupdate-debuginfo, p-cpe:/a:redhat:enterprise_linux:fwupdate-devel, p-cpe:/a:redhat:enterprise_linux:fwupdate-efi, p-cpe:/a:redhat:enterprise_linux:fwupdate-libs, p-cpe:/a:redhat:enterprise_linux:gcr, p-cpe:/a:redhat:enterprise_linux:gcr-debuginfo, p-cpe:/a:redhat:enterprise_linux:gcr-devel, p-cpe:/a:redhat:enterprise_linux:gdk-pixbuf2, p-cpe:/a:redhat:enterprise_linux:gdk-pixbuf2-debuginfo, p-cpe:/a:redhat:enterprise_linux:gdk-pixbuf2-devel, p-cpe:/a:redhat:enterprise_linux:gdk-pixbuf2-tests, p-cpe:/a:redhat:enterprise_linux:gdm, p-cpe:/a:redhat:enterprise_linux:gdm-debuginfo, p-cpe:/a:redhat:enterprise_linux:gdm-devel, p-cpe:/a:redhat:enterprise_linux:gdm-pam-extensions-devel, p-cpe:/a:redhat:enterprise_linux:gedit, p-cpe:/a:redhat:enterprise_linux:gedit-debuginfo, p-cpe:/a:redhat:enterprise_linux:gedit-devel, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-bookmarks, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-bracketcompletion, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-charmap, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-codecomment, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-colorpicker, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-colorschemer, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-commander, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-drawspaces, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-findinfiles, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-joinlines, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-multiedit, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-smartspaces, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-synctex, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-terminal, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-textsize, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-translate, p-cpe:/a:redhat:enterprise_linux:gedit-plugin-wordcompletion, p-cpe:/a:redhat:enterprise_linux:gedit-plugins, p-cpe:/a:redhat:enterprise_linux:gedit-plugins-data, p-cpe:/a:redhat:enterprise_linux:gedit-plugins-debuginfo, p-cpe:/a:redhat:enterprise_linux:geoclue2, p-cpe:/a:redhat:enterprise_linux:geoclue2-debuginfo, p-cpe:/a:redhat:enterprise_linux:geoclue2-demos, p-cpe:/a:redhat:enterprise_linux:geoclue2-devel, p-cpe:/a:redhat:enterprise_linux:geoclue2-libs, p-cpe:/a:redhat:enterprise_linux:geocode-glib, p-cpe:/a:redhat:enterprise_linux:geocode-glib-debuginfo, p-cpe:/a:redhat:enterprise_linux:geocode-glib-devel, p-cpe:/a:redhat:enterprise_linux:gjs, p-cpe:/a:redhat:enterprise_linux:gjs-debuginfo, p-cpe:/a:redhat:enterprise_linux:gjs-devel, p-cpe:/a:redhat:enterprise_linux:gjs-tests, p-cpe:/a:redhat:enterprise_linux:glade, p-cpe:/a:redhat:enterprise_linux:glade-debuginfo, p-cpe:/a:redhat:enterprise_linux:glade-devel, p-cpe:/a:redhat:enterprise_linux:glade-libs, p-cpe:/a:redhat:enterprise_linux:glib-networking, p-cpe:/a:redhat:enterprise_linux:glib-networking-debuginfo, p-cpe:/a:redhat:enterprise_linux:glib-networking-tests, p-cpe:/a:redhat:enterprise_linux:glib2, p-cpe:/a:redhat:enterprise_linux:glib2-debuginfo, p-cpe:/a:redhat:enterprise_linux:glib2-devel, p-cpe:/a:redhat:enterprise_linux:glib2-doc, p-cpe:/a:redhat:enterprise_linux:glib2-fam, p-cpe:/a:redhat:enterprise_linux:glib2-static, p-cpe:/a:redhat:enterprise_linux:glib2-tests, p-cpe:/a:redhat:enterprise_linux:glibmm24, p-cpe:/a:redhat:enterprise_linux:glibmm24-debuginfo, p-cpe:/a:redhat:enterprise_linux:glibmm24-devel, p-cpe:/a:redhat:enterprise_linux:glibmm24-doc, p-cpe:/a:redhat:enterprise_linux:gnome-backgrounds, p-cpe:/a:redhat:enterprise_linux:gnome-bluetooth, p-cpe:/a:redhat:enterprise_linux:gnome-bluetooth-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-bluetooth-libs, p-cpe:/a:redhat:enterprise_linux:gnome-bluetooth-libs-devel, p-cpe:/a:redhat:enterprise_linux:gnome-boxes, p-cpe:/a:redhat:enterprise_linux:gnome-boxes-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-calculator, p-cpe:/a:redhat:enterprise_linux:gnome-calculator-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-classic-session, p-cpe:/a:redhat:enterprise_linux:gnome-clocks, p-cpe:/a:redhat:enterprise_linux:gnome-clocks-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-color-manager, p-cpe:/a:redhat:enterprise_linux:gnome-color-manager-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-contacts, p-cpe:/a:redhat:enterprise_linux:gnome-contacts-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-desktop3, p-cpe:/a:redhat:enterprise_linux:gnome-desktop3-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-desktop3-devel, p-cpe:/a:redhat:enterprise_linux:gnome-desktop3-tests, p-cpe:/a:redhat:enterprise_linux:gnome-devel-docs, p-cpe:/a:redhat:enterprise_linux:gnome-dictionary, p-cpe:/a:redhat:enterprise_linux:gnome-dictionary-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-disk-utility, p-cpe:/a:redhat:enterprise_linux:gnome-disk-utility-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-documents, p-cpe:/a:redhat:enterprise_linux:evolution-pst, p-cpe:/a:redhat:enterprise_linux:evolution-spamassassin, p-cpe:/a:redhat:enterprise_linux:evolution-tests, p-cpe:/a:redhat:enterprise_linux:file-roller, p-cpe:/a:redhat:enterprise_linux:file-roller-debuginfo, p-cpe:/a:redhat:enterprise_linux:file-roller-nautilus, p-cpe:/a:redhat:enterprise_linux:flatpak, p-cpe:/a:redhat:enterprise_linux:flatpak-builder, p-cpe:/a:redhat:enterprise_linux:flatpak-debuginfo, p-cpe:/a:redhat:enterprise_linux:flatpak-devel, p-cpe:/a:redhat:enterprise_linux:flatpak-libs, p-cpe:/a:redhat:enterprise_linux:folks, p-cpe:/a:redhat:enterprise_linux:folks-debuginfo, p-cpe:/a:redhat:enterprise_linux:folks-devel, p-cpe:/a:redhat:enterprise_linux:folks-tools, p-cpe:/a:redhat:enterprise_linux:fontconfig, p-cpe:/a:redhat:enterprise_linux:fontconfig-debuginfo, p-cpe:/a:redhat:enterprise_linux:fontconfig-devel, p-cpe:/a:redhat:enterprise_linux:gnome-documents-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-documents-libs, p-cpe:/a:redhat:enterprise_linux:gnome-font-viewer, p-cpe:/a:redhat:enterprise_linux:gnome-font-viewer-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-getting-started-docs, p-cpe:/a:redhat:enterprise_linux:gnome-getting-started-docs-cs, p-cpe:/a:redhat:enterprise_linux:gnome-getting-started-docs-de, p-cpe:/a:redhat:enterprise_linux:gnome-getting-started-docs-es, p-cpe:/a:redhat:enterprise_linux:gnome-getting-started-docs-fr, p-cpe:/a:redhat:enterprise_linux:gnome-getting-started-docs-gl, p-cpe:/a:redhat:enterprise_linux:gnome-getting-started-docs-hu, p-cpe:/a:redhat:enterprise_linux:gnome-getting-started-docs-it, p-cpe:/a:redhat:enterprise_linux:gnome-getting-started-docs-pl, p-cpe:/a:redhat:enterprise_linux:gnome-getting-started-docs-pt_br, p-cpe:/a:redhat:enterprise_linux:gnome-getting-started-docs-ru, p-cpe:/a:redhat:enterprise_linux:gnome-initial-setup, p-cpe:/a:redhat:enterprise_linux:gnome-initial-setup-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-keyring, p-cpe:/a:redhat:enterprise_linux:gnome-keyring-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-keyring-pam, p-cpe:/a:redhat:enterprise_linux:gnome-online-accounts, p-cpe:/a:redhat:enterprise_linux:gnome-online-accounts-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-online-accounts-devel, p-cpe:/a:redhat:enterprise_linux:gnome-online-miners, p-cpe:/a:redhat:enterprise_linux:gnome-online-miners-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-packagekit, p-cpe:/a:redhat:enterprise_linux:gnome-packagekit-common, p-cpe:/a:redhat:enterprise_linux:gnome-packagekit-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-packagekit-installer, p-cpe:/a:redhat:enterprise_linux:gnome-packagekit-updater, p-cpe:/a:redhat:enterprise_linux:gnome-screenshot, p-cpe:/a:redhat:enterprise_linux:gnome-screenshot-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-session, p-cpe:/a:redhat:enterprise_linux:gnome-session-custom-session, p-cpe:/a:redhat:enterprise_linux:gnome-session-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-session-wayland-session, p-cpe:/a:redhat:enterprise_linux:gnome-session-xsession, p-cpe:/a:redhat:enterprise_linux:gnome-settings-daemon, p-cpe:/a:redhat:enterprise_linux:gnome-settings-daemon-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-settings-daemon-devel, p-cpe:/a:redhat:enterprise_linux:gnome-shell, p-cpe:/a:redhat:enterprise_linux:gnome-shell-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-alternate-tab, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-apps-menu, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-auto-move-windows, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-common, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-dash-to-dock, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-drive-menu, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-launch-new-instance, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-native-window-placement, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-no-hot-corner, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-panel-favorites, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-places-menu, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-screenshot-window-sizer, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-systemmonitor, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-top-icons, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-updates-dialog, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-user-theme, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-window-list, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-windowsnavigator, p-cpe:/a:redhat:enterprise_linux:gnome-shell-extension-workspace-indicator, p-cpe:/a:redhat:enterprise_linux:gnome-software, p-cpe:/a:redhat:enterprise_linux:gnome-software-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-software-devel, p-cpe:/a:redhat:enterprise_linux:gnome-software-editor, p-cpe:/a:redhat:enterprise_linux:gnome-system-monitor, p-cpe:/a:redhat:enterprise_linux:gnome-system-monitor-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-terminal, p-cpe:/a:redhat:enterprise_linux:gnome-terminal-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-terminal-nautilus, p-cpe:/a:redhat:enterprise_linux:gnome-themes-standard, p-cpe:/a:redhat:enterprise_linux:gnome-themes-standard-debuginfo, p-cpe:/a:redhat:enterprise_linux:gnome-tweak-tool, p-cpe:/a:redhat:enterprise_linux:gnome-user-docs, p-cpe:/a:redhat:enterprise_linux:gnote, p-cpe:/a:redhat:enterprise_linux:gnote-debuginfo, p-cpe:/a:redhat:enterprise_linux:gobject-introspection, p-cpe:/a:redhat:enterprise_linux:gobject-introspection-debuginfo, p-cpe:/a:redhat:enterprise_linux:gobject-introspection-devel, p-cpe:/a:redhat:enterprise_linux:gom, p-cpe:/a:redhat:enterprise_linux:gom-debuginfo, p-cpe:/a:redhat:enterprise_linux:gom-devel, p-cpe:/a:redhat:enterprise_linux:google-noto-emoji-color-fonts, p-cpe:/a:redhat:enterprise_linux:google-noto-emoji-fonts, p-cpe:/a:redhat:enterprise_linux:grilo, p-cpe:/a:redhat:enterprise_linux:grilo-debuginfo, p-cpe:/a:redhat:enterprise_linux:grilo-devel, p-cpe:/a:redhat:enterprise_linux:grilo-plugins, p-cpe:/a:redhat:enterprise_linux:grilo-plugins-debuginfo, p-cpe:/a:redhat:enterprise_linux:gsettings-desktop-schemas, p-cpe:/a:redhat:enterprise_linux:gsettings-desktop-schemas-devel, p-cpe:/a:redhat:enterprise_linux:libgxps, p-cpe:/a:redhat:enterprise_linux:libgxps-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgxps-devel, p-cpe:/a:redhat:enterprise_linux:libgxps-tools, p-cpe:/a:redhat:enterprise_linux:libical, p-cpe:/a:redhat:enterprise_linux:libical-debuginfo, p-cpe:/a:redhat:enterprise_linux:libical-devel, p-cpe:/a:redhat:enterprise_linux:libical-glib, p-cpe:/a:redhat:enterprise_linux:gspell, p-cpe:/a:redhat:enterprise_linux:gspell-debuginfo, p-cpe:/a:redhat:enterprise_linux:gspell-devel, p-cpe:/a:redhat:enterprise_linux:gspell-doc, p-cpe:/a:redhat:enterprise_linux:gssdp, p-cpe:/a:redhat:enterprise_linux:gssdp-debuginfo, p-cpe:/a:redhat:enterprise_linux:gssdp-devel, p-cpe:/a:redhat:enterprise_linux:gssdp-docs, p-cpe:/a:redhat:enterprise_linux:gssdp-utils, p-cpe:/a:redhat:enterprise_linux:gstreamer1-plugins-base, p-cpe:/a:redhat:enterprise_linux:gstreamer1-plugins-base-debuginfo, p-cpe:/a:redhat:enterprise_linux:gstreamer1-plugins-base-devel, p-cpe:/a:redhat:enterprise_linux:gstreamer1-plugins-base-devel-docs, p-cpe:/a:redhat:enterprise_linux:gstreamer1-plugins-base-tools, p-cpe:/a:redhat:enterprise_linux:gtk-doc, p-cpe:/a:redhat:enterprise_linux:gtk-update-icon-cache, p-cpe:/a:redhat:enterprise_linux:gtk3, p-cpe:/a:redhat:enterprise_linux:gtk3-debuginfo, p-cpe:/a:redhat:enterprise_linux:gtk3-devel, p-cpe:/a:redhat:enterprise_linux:gtk3-devel-docs, p-cpe:/a:redhat:enterprise_linux:gtk3-immodule-xim, p-cpe:/a:redhat:enterprise_linux:gtk3-immodules, p-cpe:/a:redhat:enterprise_linux:gtk3-tests, p-cpe:/a:redhat:enterprise_linux:gtksourceview3, p-cpe:/a:redhat:enterprise_linux:gtksourceview3-debuginfo, p-cpe:/a:redhat:enterprise_linux:gtksourceview3-devel, p-cpe:/a:redhat:enterprise_linux:gtksourceview3-tests, p-cpe:/a:redhat:enterprise_linux:gucharmap, p-cpe:/a:redhat:enterprise_linux:gucharmap-debuginfo, p-cpe:/a:redhat:enterprise_linux:gucharmap-devel, p-cpe:/a:redhat:enterprise_linux:gucharmap-libs, p-cpe:/a:redhat:enterprise_linux:gupnp, p-cpe:/a:redhat:enterprise_linux:gupnp-debuginfo, p-cpe:/a:redhat:enterprise_linux:gupnp-devel, p-cpe:/a:redhat:enterprise_linux:gupnp-docs, p-cpe:/a:redhat:enterprise_linux:gupnp-igd, p-cpe:/a:redhat:enterprise_linux:gupnp-igd-debuginfo, p-cpe:/a:redhat:enterprise_linux:gupnp-igd-devel, p-cpe:/a:redhat:enterprise_linux:gupnp-igd-python, p-cpe:/a:redhat:enterprise_linux:gvfs, p-cpe:/a:redhat:enterprise_linux:gvfs-afc, p-cpe:/a:redhat:enterprise_linux:gvfs-afp, p-cpe:/a:redhat:enterprise_linux:gvfs-archive, p-cpe:/a:redhat:enterprise_linux:gvfs-client, p-cpe:/a:redhat:enterprise_linux:gvfs-debuginfo, p-cpe:/a:redhat:enterprise_linux:gvfs-devel, p-cpe:/a:redhat:enterprise_linux:gvfs-fuse, p-cpe:/a:redhat:enterprise_linux:gvfs-goa, p-cpe:/a:redhat:enterprise_linux:gvfs-gphoto2, p-cpe:/a:redhat:enterprise_linux:gvfs-mtp, p-cpe:/a:redhat:enterprise_linux:gvfs-smb, p-cpe:/a:redhat:enterprise_linux:gvfs-tests, p-cpe:/a:redhat:enterprise_linux:harfbuzz, p-cpe:/a:redhat:enterprise_linux:harfbuzz-debuginfo, p-cpe:/a:redhat:enterprise_linux:harfbuzz-devel, p-cpe:/a:redhat:enterprise_linux:harfbuzz-icu, p-cpe:/a:redhat:enterprise_linux:json-glib, p-cpe:/a:redhat:enterprise_linux:json-glib-debuginfo, p-cpe:/a:redhat:enterprise_linux:json-glib-devel, p-cpe:/a:redhat:enterprise_linux:json-glib-tests, p-cpe:/a:redhat:enterprise_linux:libappstream-glib, p-cpe:/a:redhat:enterprise_linux:libappstream-glib-builder, p-cpe:/a:redhat:enterprise_linux:libappstream-glib-builder-devel, p-cpe:/a:redhat:enterprise_linux:libappstream-glib-debuginfo, p-cpe:/a:redhat:enterprise_linux:libappstream-glib-devel, p-cpe:/a:redhat:enterprise_linux:libchamplain, p-cpe:/a:redhat:enterprise_linux:libchamplain-debuginfo, p-cpe:/a:redhat:enterprise_linux:libchamplain-demos, p-cpe:/a:redhat:enterprise_linux:libchamplain-devel, p-cpe:/a:redhat:enterprise_linux:libchamplain-gtk, p-cpe:/a:redhat:enterprise_linux:libcroco, p-cpe:/a:redhat:enterprise_linux:libcroco-debuginfo, p-cpe:/a:redhat:enterprise_linux:libcroco-devel, p-cpe:/a:redhat:enterprise_linux:libgdata, p-cpe:/a:redhat:enterprise_linux:libgdata-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgdata-devel, p-cpe:/a:redhat:enterprise_linux:libgee, p-cpe:/a:redhat:enterprise_linux:libgee-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgee-devel, p-cpe:/a:redhat:enterprise_linux:libgepub, p-cpe:/a:redhat:enterprise_linux:libgepub-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgepub-devel, p-cpe:/a:redhat:enterprise_linux:libgexiv2, p-cpe:/a:redhat:enterprise_linux:libgexiv2-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgexiv2-devel, p-cpe:/a:redhat:enterprise_linux:libgnomekbd, p-cpe:/a:redhat:enterprise_linux:libgnomekbd-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgnomekbd-devel, p-cpe:/a:redhat:enterprise_linux:libgovirt, p-cpe:/a:redhat:enterprise_linux:libgovirt-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgovirt-devel, p-cpe:/a:redhat:enterprise_linux:libical-glib-devel, p-cpe:/a:redhat:enterprise_linux:libical-glib-doc, p-cpe:/a:redhat:enterprise_linux:libjpeg-turbo, p-cpe:/a:redhat:enterprise_linux:libjpeg-turbo-debuginfo, p-cpe:/a:redhat:enterprise_linux:libjpeg-turbo-devel, p-cpe:/a:redhat:enterprise_linux:libjpeg-turbo-static, p-cpe:/a:redhat:enterprise_linux:libjpeg-turbo-utils, p-cpe:/a:redhat:enterprise_linux:libmediaart, p-cpe:/a:redhat:enterprise_linux:libmediaart-debuginfo, p-cpe:/a:redhat:enterprise_linux:libmediaart-devel, p-cpe:/a:redhat:enterprise_linux:libmediaart-tests, p-cpe:/a:redhat:enterprise_linux:libosinfo-devel, p-cpe:/a:redhat:enterprise_linux:libosinfo-vala, p-cpe:/a:redhat:enterprise_linux:libpeas, p-cpe:/a:redhat:enterprise_linux:libpeas-debuginfo, p-cpe:/a:redhat:enterprise_linux:libpeas-devel, p-cpe:/a:redhat:enterprise_linux:libpeas-gtk, p-cpe:/a:redhat:enterprise_linux:libpeas-loader-python, p-cpe:/a:redhat:enterprise_linux:librsvg2, p-cpe:/a:redhat:enterprise_linux:librsvg2-debuginfo, p-cpe:/a:redhat:enterprise_linux:librsvg2-devel, p-cpe:/a:redhat:enterprise_linux:librsvg2-tools, p-cpe:/a:redhat:enterprise_linux:libsecret, p-cpe:/a:redhat:enterprise_linux:libsecret-debuginfo, p-cpe:/a:redhat:enterprise_linux:libsecret-devel, p-cpe:/a:redhat:enterprise_linux:libsoup, p-cpe:/a:redhat:enterprise_linux:libsoup-debuginfo, p-cpe:/a:redhat:enterprise_linux:libsoup-devel, p-cpe:/a:redhat:enterprise_linux:libwayland-client, p-cpe:/a:redhat:enterprise_linux:libwayland-cursor, p-cpe:/a:redhat:enterprise_linux:libwayland-egl, p-cpe:/a:redhat:enterprise_linux:libwayland-server, p-cpe:/a:redhat:enterprise_linux:libwnck3, p-cpe:/a:redhat:enterprise_linux:libwnck3-debuginfo, p-cpe:/a:redhat:enterprise_linux:libwnck3-devel, p-cpe:/a:redhat:enterprise_linux:mozjs52, p-cpe:/a:redhat:enterprise_linux:mozjs52-debuginfo, p-cpe:/a:redhat:enterprise_linux:mozjs52-devel, p-cpe:/a:redhat:enterprise_linux:mutter, p-cpe:/a:redhat:enterprise_linux:libosinfo, p-cpe:/a:redhat:enterprise_linux:libosinfo-debuginfo, p-cpe:/a:redhat:enterprise_linux:mutter-debuginfo, p-cpe:/a:redhat:enterprise_linux:mutter-devel, p-cpe:/a:redhat:enterprise_linux:nautilus, p-cpe:/a:redhat:enterprise_linux:nautilus-debuginfo, p-cpe:/a:redhat:enterprise_linux:nautilus-devel, p-cpe:/a:redhat:enterprise_linux:nautilus-extensions, p-cpe:/a:redhat:enterprise_linux:nautilus-sendto, p-cpe:/a:redhat:enterprise_linux:nautilus-sendto-debuginfo, p-cpe:/a:redhat:enterprise_linux:openchange, p-cpe:/a:redhat:enterprise_linux:openchange-client, p-cpe:/a:redhat:enterprise_linux:openchange-debuginfo, p-cpe:/a:redhat:enterprise_linux:openchange-devel, p-cpe:/a:redhat:enterprise_linux:openchange-devel-docs, p-cpe:/a:redhat:enterprise_linux:osinfo-db, p-cpe:/a:redhat:enterprise_linux:pango, p-cpe:/a:redhat:enterprise_linux:pango-debuginfo, p-cpe:/a:redhat:enterprise_linux:pango-devel, p-cpe:/a:redhat:enterprise_linux:pango-tests, p-cpe:/a:redhat:enterprise_linux:poppler, p-cpe:/a:redhat:enterprise_linux:poppler-cpp, p-cpe:/a:redhat:enterprise_linux:poppler-cpp-devel, p-cpe:/a:redhat:enterprise_linux:poppler-debuginfo, p-cpe:/a:redhat:enterprise_linux:poppler-demos, p-cpe:/a:redhat:enterprise_linux:poppler-devel, p-cpe:/a:redhat:enterprise_linux:poppler-glib, p-cpe:/a:redhat:enterprise_linux:poppler-glib-devel, p-cpe:/a:redhat:enterprise_linux:poppler-qt, p-cpe:/a:redhat:enterprise_linux:poppler-qt-devel, p-cpe:/a:redhat:enterprise_linux:poppler-utils, p-cpe:/a:redhat:enterprise_linux:python2-gexiv2, p-cpe:/a:redhat:enterprise_linux:python2-pyatspi, p-cpe:/a:redhat:enterprise_linux:redhat-logos, p-cpe:/a:redhat:enterprise_linux:rest, p-cpe:/a:redhat:enterprise_linux:rest-debuginfo, p-cpe:/a:redhat:enterprise_linux:rest-devel, p-cpe:/a:redhat:enterprise_linux:rhythmbox, p-cpe:/a:redhat:enterprise_linux:rhythmbox-debuginfo, p-cpe:/a:redhat:enterprise_linux:rhythmbox-devel, p-cpe:/a:redhat:enterprise_linux:seahorse-nautilus, p-cpe:/a:redhat:enterprise_linux:seahorse-nautilus-debuginfo, p-cpe:/a:redhat:enterprise_linux:shotwell, p-cpe:/a:redhat:enterprise_linux:shotwell-debuginfo, p-cpe:/a:redhat:enterprise_linux:sushi, p-cpe:/a:redhat:enterprise_linux:sushi-debuginfo, p-cpe:/a:redhat:enterprise_linux:totem, p-cpe:/a:redhat:enterprise_linux:totem-debuginfo, p-cpe:/a:redhat:enterprise_linux:totem-devel, p-cpe:/a:redhat:enterprise_linux:totem-nautilus, p-cpe:/a:redhat:enterprise_linux:totem-pl-parser, p-cpe:/a:redhat:enterprise_linux:totem-pl-parser-debuginfo, p-cpe:/a:redhat:enterprise_linux:totem-pl-parser-devel, p-cpe:/a:redhat:enterprise_linux:turbojpeg, p-cpe:/a:redhat:enterprise_linux:turbojpeg-devel, p-cpe:/a:redhat:enterprise_linux:upower, p-cpe:/a:redhat:enterprise_linux:upower-debuginfo, p-cpe:/a:redhat:enterprise_linux:upower-devel, p-cpe:/a:redhat:enterprise_linux:upower-devel-docs, p-cpe:/a:redhat:enterprise_linux:vala, p-cpe:/a:redhat:enterprise_linux:vala-debuginfo, p-cpe:/a:redhat:enterprise_linux:vala-devel, p-cpe:/a:redhat:enterprise_linux:vala-doc, p-cpe:/a:redhat:enterprise_linux:valadoc, p-cpe:/a:redhat:enterprise_linux:valadoc-devel, p-cpe:/a:redhat:enterprise_linux:vino, p-cpe:/a:redhat:enterprise_linux:vino-debuginfo, p-cpe:/a:redhat:enterprise_linux:vte-profile, p-cpe:/a:redhat:enterprise_linux:vte291, p-cpe:/a:redhat:enterprise_linux:vte291-debuginfo, p-cpe:/a:redhat:enterprise_linux:vte291-devel, p-cpe:/a:redhat:enterprise_linux:wayland-debuginfo, p-cpe:/a:redhat:enterprise_linux:wayland-devel, p-cpe:/a:redhat:enterprise_linux:wayland-doc, p-cpe:/a:redhat:enterprise_linux:wayland-protocols-devel, p-cpe:/a:redhat:enterprise_linux:webkitgtk4, p-cpe:/a:redhat:enterprise_linux:webkitgtk4-debuginfo, p-cpe:/a:redhat:enterprise_linux:webkitgtk4-devel, p-cpe:/a:redhat:enterprise_linux:webkitgtk4-doc, p-cpe:/a:redhat:enterprise_linux:webkitgtk4-jsc, p-cpe:/a:redhat:enterprise_linux:webkitgtk4-jsc-devel, p-cpe:/a:redhat:enterprise_linux:webkitgtk4-plugin-process-gtk2, p-cpe:/a:redhat:enterprise_linux:xdg-desktop-portal, p-cpe:/a:redhat:enterprise_linux:xdg-desktop-portal-debuginfo, p-cpe:/a:redhat:enterprise_linux:xdg-desktop-portal-devel, p-cpe:/a:redhat:enterprise_linux:xdg-desktop-portal-gtk, p-cpe:/a:redhat:enterprise_linux:xdg-desktop-portal-gtk-debuginfo, p-cpe:/a:redhat:enterprise_linux:yelp, p-cpe:/a:redhat:enterprise_linux:yelp-debuginfo, p-cpe:/a:redhat:enterprise_linux:yelp-devel, p-cpe:/a:redhat:enterprise_linux:yelp-libs, p-cpe:/a:redhat:enterprise_linux:yelp-tools, p-cpe:/a:redhat:enterprise_linux:yelp-xsl, p-cpe:/a:redhat:enterprise_linux:yelp-xsl-devel, p-cpe:/a:redhat:enterprise_linux:zenity, p-cpe:/a:redhat:enterprise_linux:zenity-debuginfo, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:libgtop2, p-cpe:/a:redhat:enterprise_linux:libgtop2-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgtop2-devel, p-cpe:/a:redhat:enterprise_linux:libgweather, p-cpe:/a:redhat:enterprise_linux:libgweather-debuginfo, p-cpe:/a:redhat:enterprise_linux:libgweather-devel

必要な KB アイテム: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

エクスプロイトが利用可能: true

エクスプロイトの容易さ: Exploits are available

パッチ公開日: 2018/10/30

脆弱性公開日: 2018/5/4

参照情報

CVE: CVE-2015-9381, CVE-2015-9382, CVE-2017-18267, CVE-2017-2862, CVE-2018-10733, CVE-2018-10767, CVE-2018-10768, CVE-2018-11712, CVE-2018-11713, CVE-2018-12910, CVE-2018-13988, CVE-2018-14036, CVE-2018-4121, CVE-2018-4200, CVE-2018-4204

RHSA: 2018:3140