ID de Prueba:	1.3.6.1.4.1.25623.1.0.56180
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2006:0184
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2006:0184. A heap overflow flaw was discovered affecting kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE. An attacker could create a malicious web site containing carefully crafted JavaScript code that would trigger this flaw and possibly lead to arbitrary code execution. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0019 to this issue. NOTE: this issue does not affect KDE in Red Hat Enterprise Linux 3 or 2.1. Users of KDE should upgrade to these updated packages, which contain a backported patch from the KDE security team correcting this issue as well as two bug fixes. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2006-0184.html http://www.kde.org/info/security/advisory-20060119-1.txt Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 16325 Common Vulnerability Exposure (CVE) ID: CVE-2006-0019 1015512 http://securitytracker.com/id?1015512 16325 http://www.securityfocus.com/bid/16325 18500 http://secunia.com/advisories/18500 18540 http://secunia.com/advisories/18540 18552 http://secunia.com/advisories/18552 18559 http://secunia.com/advisories/18559 18561 http://secunia.com/advisories/18561 18570 http://secunia.com/advisories/18570 18583 http://secunia.com/advisories/18583 18899 http://secunia.com/advisories/18899 20060119 [KDE Security Advisory] kjs encodeuri/decodeuri heap overflow http://www.securityfocus.com/archive/1/422464/100/0/threaded 22659 http://www.osvdb.org/22659 364 http://securityreason.com/securityalert/364 ADV-2006-0265 http://www.vupen.com/english/advisories/2006/0265 DSA-948 http://www.debian.org/security/2006/dsa-948 FLSA:178606 http://www.securityfocus.com/archive/1/427976/100/0/threaded GLSA-200601-11 http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml MDKSA-2006:019 http://www.mandriva.com/security/advisories?name=MDKSA-2006:019 RHSA-2006:0184 http://www.redhat.com/support/errata/RHSA-2006-0184.html SSA:2006-045-05 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.361107 SUSE-SA:2006:003 http://www.securityfocus.com/archive/1/422489/100/0/threaded USN-245-1 http://www.ubuntu.com/usn/usn-245-1 ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdelibs-kjs.diff http://www.kde.org/info/security/advisory-20060119-1.txt kde-kjs-bo(24242) https://exchange.xforce.ibmcloud.com/vulnerabilities/24242 oval:org.mitre.oval:def:11858 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11858
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.