Test Kennung:	1.3.6.1.4.1.25623.1.0.66340
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: libvorbis
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: libvorbis CVE-2008-1420 Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. CVE-2009-3379 Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1420 BugTraq ID: 29206 http://www.securityfocus.com/bid/29206 Debian Security Information: DSA-1591 (Google Search) http://www.debian.org/security/2008/dsa-1591 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00247.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00256.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00243.html http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:102 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9500 http://www.redhat.com/support/errata/RHSA-2008-0270.html http://www.redhat.com/support/errata/RHSA-2008-0271.html http://www.securitytracker.com/id?1020029 http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://secunia.com/advisories/36463 SuSE Security Announcement: SUSE-SR:2008:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://www.ubuntu.com/usn/USN-682-1 https://usn.ubuntu.com/825-1/ http://www.vupen.com/english/advisories/2008/1510/references XForce ISS Database: libvorbis-residue-bo(42402) https://exchange.xforce.ibmcloud.com/vulnerabilities/42402 Common Vulnerability Exposure (CVE) ID: CVE-2009-3379 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00315.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00369.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:294 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10993 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6582 http://www.redhat.com/support/errata/RHSA-2009-1561.html http://secunia.com/advisories/37306 http://secunia.com/advisories/37340 http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1 http://www.ubuntu.com/usn/USN-861-1 http://www.vupen.com/english/advisories/2009/3334
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.