| Beschreibung: | Summary:
The remote host is missing an update to printer-drivers
announced via advisory MDVSA-2009:096-1.
Vulnerability Insight:
A buffer underflow in Ghostscript's CCITTFax decoding filter allows
remote attackers to cause denial of service and possibly to execute
arbitrary by using a crafted PDF file (CVE-2007-6725).
Multiple integer overflows in Ghostscript's International Color
Consortium Format Library (icclib) allows attackers to cause denial
of service (heap-based buffer overflow and application crash) and
possibly execute arbitrary code by using either a PostScript or PDF
file with crafte embedded images (CVE-2009-0583, CVE-2009-0584).
Multiple integer overflows in Ghostscript's International Color
Consortium Format Library (icclib) allows attackers to cause denial
of service (heap-based buffer overflow and application crash) and
possibly execute arbitrary code by using either a PostScript or PDF
file with crafte embedded images. Note: this issue exists because of
an incomplete fix for CVE-2009-0583 (CVE-2009-0792).
This update provides fixes for that vulnerabilities.
Update:
The previous update went with a wrong require version of perl-base
in the foomatic-db-engine package. It is fixed on this update.
Affected: Corporate 3.0
Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
CVSS Score:
9.3
CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
