Red Hat Local Security Checks : RedHat Security Advisory RHSA-2005:393

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52706

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2005:393

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2005:393.

KDE is a graphical desktop environment for the X Window System. Konqueror
is the file manager for the K Desktop Environment.

A source code audit performed by the KDE security team discovered several
vulnerabilities in the PCX and other image file format readers.

A buffer overflow was found in the kimgio library for KDE 3.4.0. An
attacker could create a carefully crafted PCX image in such a way that it
would cause kimgio to execute arbitrary code when processing the image.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-1046 to this issue.

All users of kdelibs should upgrade to these updated packages, which
contain a backported security patch to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-393.html
http://bugs.kde.org/102328

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1046
BugTraq ID: 13096
http://www.securityfocus.com/bid/13096
Debian Security Information: DSA-714 (Google Search)
http://www.debian.org/security/2005/dsa-714
http://www.securityfocus.com/archive/1/427976/100/0/threaded
http://bugs.kde.org/show_bug.cgi?id=102328
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11081
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5802
http://www.redhat.com/support/errata/RHSA-2005-393.html
http://secunia.com/advisories/14908
http://secunia.com/advisories/28114
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1
SuSE Security Announcement: SUSE-SA:2005:022 (Google Search)
http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html
http://www.vupen.com/english/advisories/2005/0331
http://www.vupen.com/english/advisories/2007/4241

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52706
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:393
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:393. KDE is a graphical desktop environment for the X Window System. Konqueror is the file manager for the K Desktop Environment. A source code audit performed by the KDE security team discovered several vulnerabilities in the PCX and other image file format readers. A buffer overflow was found in the kimgio library for KDE 3.4.0. An attacker could create a carefully crafted PCX image in such a way that it would cause kimgio to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1046 to this issue. All users of kdelibs should upgrade to these updated packages, which contain a backported security patch to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-393.html http://bugs.kde.org/102328 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1046 BugTraq ID: 13096 http://www.securityfocus.com/bid/13096 Debian Security Information: DSA-714 (Google Search) http://www.debian.org/security/2005/dsa-714 http://www.securityfocus.com/archive/1/427976/100/0/threaded http://bugs.kde.org/show_bug.cgi?id=102328 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5802 http://www.redhat.com/support/errata/RHSA-2005-393.html http://secunia.com/advisories/14908 http://secunia.com/advisories/28114 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1 SuSE Security Announcement: SUSE-SA:2005:022 (Google Search) http://www.novell.com/linux/security/advisories/2005_22_kdelibs3.html http://www.vupen.com/english/advisories/2005/0331 http://www.vupen.com/english/advisories/2007/4241
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com