Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2005:185 (koffice)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55645

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2005:185 (koffice)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to koffice
announced via advisory MDKSA-2005:185.

Chris Evans reported a heap based buffer overflow in the RTF importer
of KWord. An attacker could provide a specially crafted RTF file, which
when opened in KWord can cause execution of abitrary code.

The updated packages are patched to deal with these issues.

Affected versions: 10.2, 2006.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:185

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: BugTraq ID: 15060
Common Vulnerability Exposure (CVE) ID: CVE-2005-2971
http://www.securityfocus.com/bid/15060
Debian Security Information: DSA-872 (Google Search)
http://www.debian.org/security/2005/dsa-872
http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00042.html
http://www.gentoo.org/security/en/glsa/glsa-200510-12.xml
http://scary.beasts.org/security/CESA-2005-005.txt
http://securitytracker.com/id?1015035
http://secunia.com/advisories/17145/
http://secunia.com/advisories/17171
http://secunia.com/advisories/17190
http://secunia.com/advisories/17212
http://secunia.com/advisories/17332
http://secunia.com/advisories/17480
http://secunia.com/advisories/17486
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.388487
SuSE Security Announcement: SUSE-SR:2005:025 (Google Search)
http://www.novell.com/linux/security/advisories/2005_25_sr.html
https://usn.ubuntu.com/202-1/
XForce ISS Database: koffice-kword-rtf-importer-bo(22562)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22562

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55645
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2005:185 (koffice)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to koffice announced via advisory MDKSA-2005:185. Chris Evans reported a heap based buffer overflow in the RTF importer of KWord. An attacker could provide a specially crafted RTF file, which when opened in KWord can cause execution of abitrary code. The updated packages are patched to deal with these issues. Affected versions: 10.2, 2006.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:185 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 15060 Common Vulnerability Exposure (CVE) ID: CVE-2005-2971 http://www.securityfocus.com/bid/15060 Debian Security Information: DSA-872 (Google Search) http://www.debian.org/security/2005/dsa-872 http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00042.html http://www.gentoo.org/security/en/glsa/glsa-200510-12.xml http://scary.beasts.org/security/CESA-2005-005.txt http://securitytracker.com/id?1015035 http://secunia.com/advisories/17145/ http://secunia.com/advisories/17171 http://secunia.com/advisories/17190 http://secunia.com/advisories/17212 http://secunia.com/advisories/17332 http://secunia.com/advisories/17480 http://secunia.com/advisories/17486 http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.388487 SuSE Security Announcement: SUSE-SR:2005:025 (Google Search) http://www.novell.com/linux/security/advisories/2005_25_sr.html https://usn.ubuntu.com/202-1/ XForce ISS Database: koffice-kword-rtf-importer-bo(22562) https://exchange.xforce.ibmcloud.com/vulnerabilities/22562
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com