English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.66493
Kategorie:Mandrake Local Security Checks
Titel:Mandriva Security Advisory MDVSA-2009:331 (kdegraphics)
Zusammenfassung:The remote host is missing an update to kdegraphics;announced via advisory MDVSA-2009:331.
Beschreibung:Summary:
The remote host is missing an update to kdegraphics
announced via advisory MDVSA-2009:331.

Vulnerability Insight:
Multiple vulnerabilities has been found and corrected in kdegraphics:

Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2
and earlier allow remote attackers to cause a denial of service
(crash) via a crafted PDF file, related to (1) setBitmap and (2)
readSymbolDictSeg (CVE-2009-0146).

Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier allow remote attackers to cause a denial of service (crash)
via a crafted PDF file (CVE-2009-0147).

The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers
to cause a denial of service (crash) via a crafted PDF file that
triggers a free of uninitialized memory (CVE-2009-0166).

Multiple integer overflows in the pdftops filter in CUPS 1.1.17,
1.1.22, and 1.3.7 allow remote attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via a crafted
PDF file that triggers a heap-based buffer overflow, possibly
related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4)
JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the
JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0791).

Use-after-free vulnerability in the garbage-collection implementation
in WebCore in WebKit in Apple Safari before 4.0 allows remote
attackers to execute arbitrary code or cause a denial of service
(heap corruption and application crash) via an SVG animation element,
related to SVG set objects, SVG marker elements, the targetElement
attribute, and unspecified caches. (CVE-2009-1709).

WebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple
Mac OS X 10.4.11 and 10.5 before 10.5.7 and Windows allows remote
attackers to execute arbitrary code via a crafted SVGList object that
triggers memory corruption (CVE-2009-0945).

This update provides a solution to this vulnerability.

Affected: Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-0146
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
BugTraq ID: 34568
http://www.securityfocus.com/bid/34568
Bugtraq: 20090417 rPSA-2009-0059-1 poppler (Google Search)
http://www.securityfocus.com/archive/1/502761/100/0/threaded
Bugtraq: 20090417 rPSA-2009-0061-1 cups (Google Search)
http://www.securityfocus.com/archive/1/502750/100/0/threaded
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
Debian Security Information: DSA-1790 (Google Search)
http://www.debian.org/security/2009/dsa-1790
Debian Security Information: DSA-1793 (Google Search)
http://www.debian.org/security/2009/dsa-1793
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
http://security.gentoo.org/glsa/glsa-200904-20.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632
http://www.redhat.com/support/errata/RHSA-2009-0429.html
http://www.redhat.com/support/errata/RHSA-2009-0430.html
http://www.redhat.com/support/errata/RHSA-2009-0431.html
RedHat Security Advisories: RHSA-2009:0458
http://rhn.redhat.com/errata/RHSA-2009-0458.html
http://www.redhat.com/support/errata/RHSA-2009-0480.html
http://www.securitytracker.com/id?1022073
http://secunia.com/advisories/34291
http://secunia.com/advisories/34481
http://secunia.com/advisories/34755
http://secunia.com/advisories/34756
http://secunia.com/advisories/34852
http://secunia.com/advisories/34959
http://secunia.com/advisories/34963
http://secunia.com/advisories/34991
http://secunia.com/advisories/35037
http://secunia.com/advisories/35064
http://secunia.com/advisories/35065
http://secunia.com/advisories/35074
http://secunia.com/advisories/35618
http://secunia.com/advisories/35685
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
SuSE Security Announcement: SUSE-SA:2009:024 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
SuSE Security Announcement: SUSE-SR:2009:010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://www.vupen.com/english/advisories/2009/1065
http://www.vupen.com/english/advisories/2009/1066
http://www.vupen.com/english/advisories/2009/1077
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2009/1621
http://www.vupen.com/english/advisories/2010/1040
Common Vulnerability Exposure (CVE) ID: CVE-2009-0147
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941
Common Vulnerability Exposure (CVE) ID: CVE-2009-0166
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778
Common Vulnerability Exposure (CVE) ID: CVE-2009-1179
1022073
34291
34481
34568
34746
http://secunia.com/advisories/34746
34755
34756
34852
34959
34963
34991
35037
35064
35065
35379
http://secunia.com/advisories/35379
35618
35685
ADV-2009-1065
ADV-2009-1066
ADV-2009-1076
http://www.vupen.com/english/advisories/2009/1076
ADV-2009-1077
ADV-2009-1522
http://www.vupen.com/english/advisories/2009/1522
ADV-2009-1621
ADV-2010-1040
APPLE-SA-2009-06-08-1
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
APPLE-SA-2009-06-17-1
DSA-1790
DSA-1793
FEDORA-2009-6972
FEDORA-2009-6973
FEDORA-2009-6982
MDVSA-2009:101
MDVSA-2010:087
MDVSA-2011:175
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
RHSA-2009:0429
RHSA-2009:0430
RHSA-2009:0431
RHSA-2009:0458
RHSA-2009:0480
SSA:2009-129-01
SUSE-SA:2009:024
SUSE-SR:2009:010
SUSE-SR:2009:012
VU#196617
http://www.kb.cert.org/vuls/id/196617
http://poppler.freedesktop.org/releases.html
http://support.apple.com/kb/HT3613
http://support.apple.com/kb/HT3639
https://bugzilla.redhat.com/show_bug.cgi?id=495889
oval:org.mitre.oval:def:11892
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892
Common Vulnerability Exposure (CVE) ID: CVE-2009-0791
1022326
http://securitytracker.com/id?1022326
35195
http://www.securityfocus.com/bid/35195
35340
http://secunia.com/advisories/35340
37023
http://secunia.com/advisories/37023
37028
http://secunia.com/advisories/37028
37037
http://secunia.com/advisories/37037
37043
http://secunia.com/advisories/37043
37077
http://secunia.com/advisories/37077
37079
http://secunia.com/advisories/37079
ADV-2009-1488
http://www.vupen.com/english/advisories/2009/1488
ADV-2009-2928
http://www.vupen.com/english/advisories/2009/2928
MDVSA-2009:334
http://www.mandriva.com/security/advisories?name=MDVSA-2009:334
RHSA-2009:1083
http://www.redhat.com/support/errata/RHSA-2009-1083.html
RHSA-2009:1500
https://rhn.redhat.com/errata/RHSA-2009-1500.html
RHSA-2009:1501
https://rhn.redhat.com/errata/RHSA-2009-1501.html
RHSA-2009:1502
https://rhn.redhat.com/errata/RHSA-2009-1502.html
RHSA-2009:1503
https://rhn.redhat.com/errata/RHSA-2009-1503.html
RHSA-2009:1512
https://rhn.redhat.com/errata/RHSA-2009-1512.html
cups-pdftops-filter-bo(50941)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50941
https://bugzilla.redhat.com/show_bug.cgi?id=491840
oval:org.mitre.oval:def:10534
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10534
Common Vulnerability Exposure (CVE) ID: CVE-2009-1709
BugTraq ID: 35260
http://www.securityfocus.com/bid/35260
BugTraq ID: 35334
http://www.securityfocus.com/bid/35334
http://www.mandriva.com/security/advisories?name=MDVSA-2010:182
http://www.zerodayinitiative.com/advisories/ZDI-09-034/
http://osvdb.org/55013
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162
http://www.redhat.com/support/errata/RHSA-2009-1130.html
http://securitytracker.com/id?1022345
http://secunia.com/advisories/35576
http://secunia.com/advisories/36461
http://secunia.com/advisories/43068
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
https://usn.ubuntu.com/823-1/
http://www.vupen.com/english/advisories/2011/0212
Common Vulnerability Exposure (CVE) ID: CVE-2009-0945
http://lists.apple.com/archives/security-announce/2009/May/msg00000.html
http://lists.apple.com/archives/security-announce/2009/May/msg00001.html
BugTraq ID: 34924
http://www.securityfocus.com/bid/34924
Bugtraq: 20090519 ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/503594/100/0/threaded
Debian Security Information: DSA-1950 (Google Search)
http://www.debian.org/security/2009/dsa-1950
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00303.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html
http://www.zerodayinitiative.com/advisories/ZDI-09-022
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11584
http://www.securitytracker.com/id?1022207
http://secunia.com/advisories/35056
http://secunia.com/advisories/35095
http://secunia.com/advisories/35805
http://secunia.com/advisories/36062
http://secunia.com/advisories/36790
http://secunia.com/advisories/37746
http://www.ubuntu.com/usn/USN-822-1
http://www.ubuntu.com/usn/USN-836-1
http://www.ubuntu.com/usn/USN-857-1
http://www.vupen.com/english/advisories/2009/1298
http://www.vupen.com/english/advisories/2009/1321
XForce ISS Database: safari-webkit-svglist-bo(50477)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50477
CopyrightCopyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.