Debian Local Security Checks : Debian Security Advisory DSA 628-1 (imlib2)

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.53466

Categoría: Debian Local Security Checks

Título: Debian Security Advisory DSA 628-1 (imlib2)

Resumen: Debian Security Advisory DSA 628-1 (imlib2)

Descripción: The remote host is missing an update to imlib2
announced via advisory DSA 628-1.

Pavel Kankovsky discovered that several overflows found in the libXpm
library were also present in imlib and imlib2, imaging libraries for
X11. An attacker could create a carefully crafted image file in such
a way that it could cause an application linked with imlib or imlib2
to execute arbitrary code when the file was opened by a victim. The
Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2004-1025

Multiple heap-based buffer overflows. No such code is present in
imlib2.

CVE-2004-1026

Multiple integer overflows in the imlib library.

For the stable distribution (woody) these problems have been fixed in
version 1.0.5-2woody2.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your imlib2 packages.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%20628-1

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-1026
Debian Security Information: DSA-628 (Google Search)
http://www.debian.org/security/2005/dsa-628
http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:007
http://www.redhat.com/support/errata/RHSA-2004-651.html
BugTraq ID: 11830
http://www.securityfocus.com/bid/11830
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10771
Common Vulnerability Exposure (CVE) ID: CVE-2004-1025
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10786

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.53466
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 628-1 (imlib2)
Resumen:	Debian Security Advisory DSA 628-1 (imlib2)
Descripción:	The remote host is missing an update to imlib2 announced via advisory DSA 628-1. Pavel Kankovsky discovered that several overflows found in the libXpm library were also present in imlib and imlib2, imaging libraries for X11. An attacker could create a carefully crafted image file in such a way that it could cause an application linked with imlib or imlib2 to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2004-1025 Multiple heap-based buffer overflows. No such code is present in imlib2. CVE-2004-1026 Multiple integer overflows in the imlib library. For the stable distribution (woody) these problems have been fixed in version 1.0.5-2woody2. For the unstable distribution (sid) these problems will be fixed soon. We recommend that you upgrade your imlib2 packages. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%20628-1
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1026 Debian Security Information: DSA-628 (Google Search) http://www.debian.org/security/2005/dsa-628 http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:007 http://www.redhat.com/support/errata/RHSA-2004-651.html BugTraq ID: 11830 http://www.securityfocus.com/bid/11830 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10771 Common Vulnerability Exposure (CVE) ID: CVE-2004-1025 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10786
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com