Test Kennung:	1.3.6.1.4.1.25623.1.0.60967
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDVSA-2008:102 (libvorbis)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to libvorbis announced via advisory MDVSA-2008:102. Will Drewry of the Google Security Team reported several vulnerabilities in how libvorbis processed audio data. An attacker could create a carefuly crafted OGG audio file in such a way that it would cause an application linked to libvorbis to crash or possibly execute arbitray code when opened (CVE-2008-1419, CVE-2008-1420, CVE-2008-1423). The updated packages have been patched to correct these issues. Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2008:102 Risk factor : Critical CVSS Score: 9.3
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1419 BugTraq ID: 29206 http://www.securityfocus.com/bid/29206 Debian Security Information: DSA-1591 (Google Search) http://www.debian.org/security/2008/dsa-1591 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00247.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00256.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00243.html http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:102 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10104 http://www.redhat.com/support/errata/RHSA-2008-0270.html http://www.redhat.com/support/errata/RHSA-2008-0271.html http://www.securitytracker.com/id?1020029 http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 SuSE Security Announcement: SUSE-SR:2008:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://www.ubuntu.com/usn/USN-682-1 http://www.vupen.com/english/advisories/2008/1510/references XForce ISS Database: libvorbis-ogg-bo(42397) https://exchange.xforce.ibmcloud.com/vulnerabilities/42397 XForce ISS Database: libvorbis-ogg-dos(42400) https://exchange.xforce.ibmcloud.com/vulnerabilities/42400 Common Vulnerability Exposure (CVE) ID: CVE-2008-1420 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9500 http://secunia.com/advisories/36463 https://usn.ubuntu.com/825-1/ XForce ISS Database: libvorbis-residue-bo(42402) https://exchange.xforce.ibmcloud.com/vulnerabilities/42402 Common Vulnerability Exposure (CVE) ID: CVE-2008-1423 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9851 XForce ISS Database: libvorbis-quantvals-quantlist-bo(42403) https://exchange.xforce.ibmcloud.com/vulnerabilities/42403
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.