Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200510-12 (koffice, kword)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55639

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200510-12 (koffice, kword)

Resumen: The remote host is missing updates announced in;advisory GLSA 200510-12.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200510-12.

Vulnerability Insight:
KOffice and KWord are vulnerable to a buffer overflow in the RTF importer,
potentially resulting in the execution of arbitrary code.

Solution:
All KOffice users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-office/koffice-1.4.1-r1'

All KWord users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-office/kword-1.4.1-r1'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-2971
BugTraq ID: 15060
http://www.securityfocus.com/bid/15060
Debian Security Information: DSA-872 (Google Search)
http://www.debian.org/security/2005/dsa-872
http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00042.html
http://www.gentoo.org/security/en/glsa/glsa-200510-12.xml
http://scary.beasts.org/security/CESA-2005-005.txt
http://securitytracker.com/id?1015035
http://secunia.com/advisories/17145/
http://secunia.com/advisories/17171
http://secunia.com/advisories/17190
http://secunia.com/advisories/17212
http://secunia.com/advisories/17332
http://secunia.com/advisories/17480
http://secunia.com/advisories/17486
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.388487
SuSE Security Announcement: SUSE-SR:2005:025 (Google Search)
http://www.novell.com/linux/security/advisories/2005_25_sr.html
https://usn.ubuntu.com/202-1/
XForce ISS Database: koffice-kword-rtf-importer-bo(22562)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22562

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55639
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200510-12 (koffice, kword)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200510-12.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200510-12. Vulnerability Insight: KOffice and KWord are vulnerable to a buffer overflow in the RTF importer, potentially resulting in the execution of arbitrary code. Solution: All KOffice users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-office/koffice-1.4.1-r1' All KWord users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-office/kword-1.4.1-r1' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2971 BugTraq ID: 15060 http://www.securityfocus.com/bid/15060 Debian Security Information: DSA-872 (Google Search) http://www.debian.org/security/2005/dsa-872 http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00042.html http://www.gentoo.org/security/en/glsa/glsa-200510-12.xml http://scary.beasts.org/security/CESA-2005-005.txt http://securitytracker.com/id?1015035 http://secunia.com/advisories/17145/ http://secunia.com/advisories/17171 http://secunia.com/advisories/17190 http://secunia.com/advisories/17212 http://secunia.com/advisories/17332 http://secunia.com/advisories/17480 http://secunia.com/advisories/17486 http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.388487 SuSE Security Announcement: SUSE-SR:2005:025 (Google Search) http://www.novell.com/linux/security/advisories/2005_25_sr.html https://usn.ubuntu.com/202-1/ XForce ISS Database: koffice-kword-rtf-importer-bo(22562) https://exchange.xforce.ibmcloud.com/vulnerabilities/22562
Copyright	Copyright (C) 2008 E-Soft Inc.