English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.68245
Kategorie:Mandrake Local Security Checks
Titel:Mandriva Security Advisory MDVSA-2010:137 (freetype2)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to freetype2
announced via advisory MDVSA-2010:137.

Multiple vulnerabilities has been found and corrected in freetype2:

Multiple integer underflows/overflows and heap buffer overflows was
discovered and fixed (CVE-2010-2497, CVE-2010-2498, CVE-2010-2499,
CVE-2010-2500, CVE-2010-2519).

A heap buffer overflow was discovered in the bytecode support. The
bytecode support is NOT enabled per default in Mandriva due to previous
patent claims, but packages by PLF is affected (CVE-2010-2520).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,
Enterprise Server 5.0


Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:137
http://savannah.nongnu.org/bugs/index.php?30082
http://savannah.nongnu.org/bugs/index.php?30083
http://savannah.nongnu.org/bugs/index.php?30106
http://savannah.nongnu.org/bugs/index.php?30248
http://savannah.nongnu.org/bugs/index.php?30249
http://savannah.nongnu.org/bugs/index.php?30263
http://savannah.nongnu.org/bugs/index.php?30306
http://savannah.nongnu.org/bugs/index.php?30361

Risk factor : High

CVSS Score:
6.8

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2010-2497
48951
http://secunia.com/advisories/48951
APPLE-SA-2010-11-10-1
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
DSA-2070
http://www.debian.org/security/2010/dsa-2070
MDVSA-2010:137
http://www.mandriva.com/security/advisories?name=MDVSA-2010:137
[freetype] 20100712 FreeType 2.4.0 has been released
http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html
[oss-security] 20100713 Multiple bugs in freetype
http://marc.info/?l=oss-security&m=127905701201340&w=2
[oss-security] 20100714 Re: Multiple bugs in freetype
http://marc.info/?l=oss-security&m=127909326909362&w=2
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7d3d2cc4fef72c6be9c454b3809c387e12b44cfc
http://support.apple.com/kb/HT4435
https://bugzilla.redhat.com/show_bug.cgi?id=613154
https://savannah.nongnu.org/bugs/?30082
https://savannah.nongnu.org/bugs/?30083
Common Vulnerability Exposure (CVE) ID: CVE-2010-2498
1024266
http://securitytracker.com/id?1024266
RHSA-2010:0578
http://www.redhat.com/support/errata/RHSA-2010-0578.html
USN-963-1
http://www.ubuntu.com/usn/USN-963-1
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8d22746c9e5af80ff4304aef440986403a5072e2
https://bugzilla.redhat.com/show_bug.cgi?id=613160
https://savannah.nongnu.org/bugs/?30106
Common Vulnerability Exposure (CVE) ID: CVE-2010-2499
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c69891a1345640096fbf396e8dd567fe879ce233
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f29f741efbba0a5ce2f16464f648fb8d026ed4c8
https://bugzilla.redhat.com/show_bug.cgi?id=613162
https://savannah.nongnu.org/bugs/?30248
https://savannah.nongnu.org/bugs/?30249
Common Vulnerability Exposure (CVE) ID: CVE-2010-2500
RHSA-2010:0577
http://www.redhat.com/support/errata/RHSA-2010-0577.html
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=6305b869d86ff415a33576df6d43729673c66eee
https://bugzilla.redhat.com/show_bug.cgi?id=613167
https://savannah.nongnu.org/bugs/?30263
Common Vulnerability Exposure (CVE) ID: CVE-2010-2519
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5ef20c8c1d4de12a84b50ba497c2a358c90ec44b
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b2ea64bcc6c385a8e8318f9c759450a07df58b6d
https://bugzilla.redhat.com/show_bug.cgi?id=613194
https://savannah.nongnu.org/bugs/?30306
Common Vulnerability Exposure (CVE) ID: CVE-2010-2520
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=888cd1843e935fe675cf2ac303116d4ed5b9d54b
https://bugzilla.redhat.com/show_bug.cgi?id=613198
https://savannah.nongnu.org/bugs/?30361
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.