Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200704-10 (Inkscape)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58216

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200704-10 (Inkscape)

Resumen: The remote host is missing updates announced in;advisory GLSA 200704-10.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200704-10.

Vulnerability Insight:
Two format string vulnerabilities have been discovered in Inkscape,
allowing for user-assisted execution of arbitrary code.

Solution:
All Inkscape users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-gfx/inkscape-0.45.1'

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-1463
BugTraq ID: 23070
http://www.securityfocus.com/bid/23070
BugTraq ID: 23138
http://www.securityfocus.com/bid/23138
Bugtraq: 20070324 FLEA-2007-0002-1: inkscape (Google Search)
http://www.securityfocus.com/archive/1/463710/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200704-10.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:069
http://secunia.com/advisories/24584
http://secunia.com/advisories/24597
http://secunia.com/advisories/24615
http://secunia.com/advisories/24661
http://secunia.com/advisories/24859
http://secunia.com/advisories/25072
SuSE Security Announcement: SUSE-SR:2007:008 (Google Search)
http://www.novell.com/linux/security/advisories/2007_8_sr.html
http://www.ubuntu.com/usn/usn-438-1
http://www.vupen.com/english/advisories/2007/1059
XForce ISS Database: inkscape-dialogs-format-string(33163)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33163
Common Vulnerability Exposure (CVE) ID: CVE-2007-1464
XForce ISS Database: inkscape-jabber-format-string(33164)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33164

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58216
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200704-10 (Inkscape)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200704-10.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200704-10. Vulnerability Insight: Two format string vulnerabilities have been discovered in Inkscape, allowing for user-assisted execution of arbitrary code. Solution: All Inkscape users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-gfx/inkscape-0.45.1' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1463 BugTraq ID: 23070 http://www.securityfocus.com/bid/23070 BugTraq ID: 23138 http://www.securityfocus.com/bid/23138 Bugtraq: 20070324 FLEA-2007-0002-1: inkscape (Google Search) http://www.securityfocus.com/archive/1/463710/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200704-10.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:069 http://secunia.com/advisories/24584 http://secunia.com/advisories/24597 http://secunia.com/advisories/24615 http://secunia.com/advisories/24661 http://secunia.com/advisories/24859 http://secunia.com/advisories/25072 SuSE Security Announcement: SUSE-SR:2007:008 (Google Search) http://www.novell.com/linux/security/advisories/2007_8_sr.html http://www.ubuntu.com/usn/usn-438-1 http://www.vupen.com/english/advisories/2007/1059 XForce ISS Database: inkscape-dialogs-format-string(33163) https://exchange.xforce.ibmcloud.com/vulnerabilities/33163 Common Vulnerability Exposure (CVE) ID: CVE-2007-1464 XForce ISS Database: inkscape-jabber-format-string(33164) https://exchange.xforce.ibmcloud.com/vulnerabilities/33164
Copyright	Copyright (C) 2008 E-Soft Inc.