ID de Prueba:	1.3.6.1.4.1.25623.1.0.58946
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0883
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0883. Qt is a software toolkit that simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System. A flaw was found in the way Qt expanded certain UTF8 characters. It was possible to prevent a Qt-based application from properly sanitizing user supplied input. This could, for example, result in a cross-site scripting attack against the Konqueror web browser. (CVE-2007-0242) A buffer overflow flaw was found in the way Qt expanded malformed Unicode strings. If an application linked against Qt parsed a malicious Unicode string, it could lead to a denial of service or possibly allow the execution of arbitrary code. (CVE-2007-4137) Users of Qt should upgrade to these updated packages, which contain a backported patch to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0883.html http://www.redhat.com/security/updates/classification/#important Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0242 BugTraq ID: 23269 http://www.securityfocus.com/bid/23269 Debian Security Information: DSA-1292 (Google Search) http://www.debian.org/security/2007/dsa-1292 http://fedoranews.org/updates/FEDORA-2007-703.shtml http://www.mandriva.com/security/advisories?name=MDKSA-2007:074 http://www.mandriva.com/security/advisories?name=MDKSA-2007:075 http://www.mandriva.com/security/advisories?name=MDKSA-2007:076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11510 http://www.redhat.com/support/errata/RHSA-2007-0883.html http://www.redhat.com/support/errata/RHSA-2007-0909.html RedHat Security Advisories: RHSA-2011:1324 http://rhn.redhat.com/errata/RHSA-2011-1324.html http://secunia.com/advisories/24699 http://secunia.com/advisories/24705 http://secunia.com/advisories/24726 http://secunia.com/advisories/24727 http://secunia.com/advisories/24759 http://secunia.com/advisories/24797 http://secunia.com/advisories/24847 http://secunia.com/advisories/24889 http://secunia.com/advisories/25263 http://secunia.com/advisories/26804 http://secunia.com/advisories/26857 http://secunia.com/advisories/27108 http://secunia.com/advisories/27275 http://secunia.com/advisories/46117 SGI Security Advisory: 20070901-01-P ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.348591 SuSE Security Announcement: SUSE-SR:2007:006 (Google Search) http://www.novell.com/linux/security/advisories/2007_6_sr.html http://www.ubuntu.com/usn/usn-452-1 http://www.vupen.com/english/advisories/2007/1212 XForce ISS Database: qt-utf8-xss(33397) https://exchange.xforce.ibmcloud.com/vulnerabilities/33397 Common Vulnerability Exposure (CVE) ID: CVE-2007-4137 1018688 http://securitytracker.com/id?1018688 20070901-01-P 20071004 FLEA-2007-0059-1 qt qt-tools http://www.securityfocus.com/archive/1/481498/100/0/threaded 25657 http://www.securityfocus.com/bid/25657 26778 http://secunia.com/advisories/26778 26782 http://secunia.com/advisories/26782 26804 26811 http://secunia.com/advisories/26811 26857 26868 http://secunia.com/advisories/26868 26882 http://secunia.com/advisories/26882 26987 http://secunia.com/advisories/26987 27053 http://secunia.com/advisories/27053 27275 27382 http://secunia.com/advisories/27382 27996 http://secunia.com/advisories/27996 28021 http://secunia.com/advisories/28021 39384 http://osvdb.org/39384 ADV-2007-3144 http://www.vupen.com/english/advisories/2007/3144 DSA-1426 http://www.debian.org/security/2007/dsa-1426 FEDORA-2007-2216 http://fedoranews.org/updates/FEDORA-2007-221.shtml FEDORA-2007-703 GLSA-200710-28 http://security.gentoo.org/glsa/glsa-200710-28.xml GLSA-200712-08 http://security.gentoo.org/glsa/glsa-200712-08.xml MDKSA-2007:183 http://www.mandriva.com/security/advisories?name=MDKSA-2007:183 RHSA-2007:0883 SUSE-SR:2007:019 http://www.novell.com/linux/security/advisories/2007_19_sr.html USN-513-1 http://www.ubuntu.com/usn/usn-513-1 http://bugs.gentoo.org/show_bug.cgi?id=192472 http://dist.trolltech.com/developer/download/175791_3.diff http://dist.trolltech.com/developer/download/175791_4.diff http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119 https://bugzilla.redhat.com/show_bug.cgi?id=269001 https://issues.rpath.com/browse/RPL-1751 oval:org.mitre.oval:def:11159 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.