 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.64533 |
| Kategorie: | Mandrake Local Security Checks |
| Titel: | Mandrake Security Advisory MDVSA-2009:190 (OpenEXR) |
| Zusammenfassung: | The remote host is missing an update to OpenEXR;announced via advisory MDVSA-2009:190. |
| Beschreibung: | Summary: The remote host is missing an update to OpenEXR announced via advisory MDVSA-2009:190. Vulnerability Insight: Multiple vulnerabilities has been found and corrected in OpenEXR: Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (1) the Imf::PreviewImage::PreviewImage function and (2) compressor constructors. NOTE: some of these details are obtained from third party information (CVE-2009-1720). The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer (CVE-2009-1721). This update provides fixes for these vulnerabilities. Affected: 2008.1, 2009.0, 2009.1, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-1720 http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html BugTraq ID: 35838 http://www.securityfocus.com/bid/35838 Cert/CC Advisory: TA09-218A http://www.us-cert.gov/cas/techalerts/TA09-218A.html Debian Security Information: DSA-1842 (Google Search) http://www.debian.org/security/2009/dsa-1842 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01286.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01290.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:190 http://www.mandriva.com/security/advisories?name=MDVSA-2009:191 http://www.securitytracker.com/id?1022674 http://secunia.com/advisories/36030 http://secunia.com/advisories/36032 http://secunia.com/advisories/36096 http://secunia.com/advisories/36123 http://secunia.com/advisories/36753 SuSE Security Announcement: SUSE-SR:2009:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00000.html http://www.ubuntu.com/usn/USN-831-1 http://www.vupen.com/english/advisories/2009/2035 http://www.vupen.com/english/advisories/2009/2172 Common Vulnerability Exposure (CVE) ID: CVE-2009-1721 |
| Copyright | Copyright (C) 2009 E-Soft Inc. |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |