English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.51369
Categoría:Conectiva Local Security Checks
Título:Conectiva Security Advisory CLA-2004:875
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing updates announced in
advisory CLA-2004:875.

The gdk-pixbuf[1] library is a replacement for imlib with many
improvements.

A vulnerability found in the gdk-pixbuf bmp loader could allow a
specially crafted BMP image to hang applications in an infinite loop
(CVE-2004-0753[2]).

Chris Evans[3] found a heap-based overflow and a stack-based overflow
on gdk-pixbuf's xpm loader (CVE-2004-0782[4] and CVE-2004-0783[5]).

He also discovered an integer overflow in the ico loader of
gdk-pixbuf (CVE-2004-0788[6]).


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://developer.gnome.org/arch/imaging/gdkpixbuf.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0753
http://scary.beasts.org/security/CESA-2004-005.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0788
http://www.securityspace.com/smysecure/catid.html?in=CLA-2004:875
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002004

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0753
BugTraq ID: 11195
http://www.securityfocus.com/bid/11195
CERT/CC vulnerability note: VU#825374
http://www.kb.cert.org/vuls/id/825374
Conectiva Linux advisory: CLA-2004:875
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875
Debian Security Information: DSA-546 (Google Search)
http://www.debian.org/security/2004/dsa-546
http://www.securityfocus.com/archive/1/419771/100/0/threaded
https://bugzilla.fedora.us/show_bug.cgi?id=2005
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095
http://www.mandriva.com/security/advisories?name=MDKSA-2005:214
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10585
http://www.redhat.com/support/errata/RHSA-2004-447.html
http://www.redhat.com/support/errata/RHSA-2004-466.html
http://secunia.com/advisories/17657
XForce ISS Database: gtk-bmp-dos(17383)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17383
Common Vulnerability Exposure (CVE) ID: CVE-2004-0782
Bugtraq: 20040915 CESA-2004-005: gtk+ XPM decoder (Google Search)
http://marc.info/?l=bugtraq&m=109528994916275&w=2
CERT/CC vulnerability note: VU#729894
http://www.kb.cert.org/vuls/id/729894
http://scary.beasts.org/security/CESA-2004-005.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11539
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1617
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101776-1
XForce ISS Database: gtk-xpm-pixbufcreatefromxpm-bo(17386)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17386
Common Vulnerability Exposure (CVE) ID: CVE-2004-0783
CERT/CC vulnerability note: VU#369358
http://www.kb.cert.org/vuls/id/369358
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1786
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9348
XForce ISS Database: gtk-xpm-xpmextractcolor-bo(17385)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17385
Common Vulnerability Exposure (CVE) ID: CVE-2004-0788
CERT/CC vulnerability note: VU#577654
http://www.kb.cert.org/vuls/id/577654
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10506
XForce ISS Database: gtk-ico-integer-bo(17387)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17387
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.