FreeBSD Local Security Checks : FreeBSD Ports: amaya

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56650

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: amaya

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: amaya

CVE-2006-1900
Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya
9.4, and possibly other versions including 8.x before 8.8.5, allow
remote attackers to execute arbitrary code via a long value in (1) the
COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of
the TEXTAREA element, and (3) the COLOR attribute of the LEGEND
element, and via other unspecified attack vectors consisting of
'dozens of possible snippets.'

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.6

CVSS Vector:
AV:N/AC:H/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-1900
BugTraq ID: 17507
http://www.securityfocus.com/bid/17507
Bugtraq: 20060412 [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 (Google Search)
http://www.securityfocus.com/archive/1/430877/100/0/threaded
Bugtraq: 20060412 [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 #2 (Google Search)
http://www.securityfocus.com/archive/1/430879/100/0/threaded
http://morph3us.org/advisories/20060412-amaya-94-2.txt
http://morph3us.org/advisories/20060412-amaya-94.txt
http://www.osvdb.org/24623
http://www.osvdb.org/24624
http://secunia.com/advisories/19670
http://www.vupen.com/english/advisories/2006/1351
XForce ISS Database: amaya-various-attribute-bo(25791)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25791

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56650
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: amaya
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: amaya CVE-2006-1900 Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to execute arbitrary code via a long value in (1) the COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of the TEXTAREA element, and (3) the COLOR attribute of the LEGEND element, and via other unspecified attack vectors consisting of 'dozens of possible snippets.' Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-1900 BugTraq ID: 17507 http://www.securityfocus.com/bid/17507 Bugtraq: 20060412 [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 (Google Search) http://www.securityfocus.com/archive/1/430877/100/0/threaded Bugtraq: 20060412 [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 #2 (Google Search) http://www.securityfocus.com/archive/1/430879/100/0/threaded http://morph3us.org/advisories/20060412-amaya-94-2.txt http://morph3us.org/advisories/20060412-amaya-94.txt http://www.osvdb.org/24623 http://www.osvdb.org/24624 http://secunia.com/advisories/19670 http://www.vupen.com/english/advisories/2006/1351 XForce ISS Database: amaya-various-attribute-bo(25791) https://exchange.xforce.ibmcloud.com/vulnerabilities/25791
Copyright	Copyright (C) 2008 E-Soft Inc.