Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.63618
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu USN-733-1 (evolution-data-server)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to evolution-data-server
announced via advisory USN-733-1.

Details follow:

It was discovered that the Base64 encoding functions in
evolution-data-server did not properly handle large strings. If a user were
tricked into opening a specially crafted image file, or tricked into
connecting to a malicious server, an attacker could possibly execute
arbitrary code with user privileges.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
libcamel1.2-8 1.6.1-0ubuntu7.2
libebook1.2-5 1.6.1-0ubuntu7.2

Ubuntu 7.10:
libcamel1.2-10 1.12.1-0ubuntu2.1
libebook1.2-9 1.12.1-0ubuntu2.1

After a standard system upgrade you need to restart Evolution to effect
the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-733-1

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-0587
BugTraq ID: 34100
http://www.securityfocus.com/bid/34100
Bugtraq: 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows (Google Search)
http://www.securityfocus.com/archive/1/501712/100/0/threaded
Debian Security Information: DSA-1813 (Google Search)
http://www.debian.org/security/2009/dsa-1813
http://www.mandriva.com/security/advisories?name=MDVSA-2009:078
http://ocert.org/patches/2008-015/camel-CVE-2009-0587.diff
http://ocert.org/patches/2008-015/evc-CVE-2009-0587.diff
http://www.ocert.org/advisories/ocert-2008-015.html
http://openwall.com/lists/oss-security/2009/03/12/2
http://osvdb.org/52702
http://osvdb.org/52703
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11385
http://www.redhat.com/support/errata/RHSA-2009-0354.html
http://www.redhat.com/support/errata/RHSA-2009-0355.html
http://www.redhat.com/support/errata/RHSA-2009-0358.html
http://secunia.com/advisories/34338
http://secunia.com/advisories/34339
http://secunia.com/advisories/34348
http://secunia.com/advisories/34351
http://secunia.com/advisories/35357
SuSE Security Announcement: SUSE-SR:2010:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
http://www.ubuntu.com/usn/USN-733-1
Common Vulnerability Exposure (CVE) ID: CVE-2008-4316
Bugtraq: 20090312 rPSA-2009-0045-1 glib (Google Search)
http://www.securityfocus.com/archive/1/501766/100/0/threaded
Debian Security Information: DSA-1747 (Google Search)
http://www.debian.org/security/2009/dsa-1747
http://www.redhat.com/archives/fedora-package-announce/2009-April/msg00744.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01113.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:080
http://ocert.org/patches/2008-015/glib-CVE-2008-4316.diff
http://www.openwall.com/lists/oss-security/2009/03/16/2
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11401
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8360
http://www.redhat.com/support/errata/RHSA-2009-0336.html
http://www.securitytracker.com/id?1021884
http://secunia.com/advisories/34267
http://secunia.com/advisories/34317
http://secunia.com/advisories/34404
http://secunia.com/advisories/34416
http://secunia.com/advisories/34560
http://secunia.com/advisories/34854
http://secunia.com/advisories/34890
http://secunia.com/advisories/38794
http://secunia.com/advisories/38833
SuSE Security Announcement: SUSE-SA:2009:026 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00014.html
http://www.ubuntu.com/usn/usn-738-1
http://www.vupen.com/english/advisories/2010/0528
XForce ISS Database: glib-gbase64-bo(49272)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49272
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.