English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.58948
Categoría:Red Hat Local Security Checks
Título:RedHat Security Advisory RHSA-2007:0845
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing updates announced in
advisory RHSA-2007:0845.

The libvorbis package contains runtime libraries for use in programs that
support Ogg Voribs. Ogg Vorbis is a fully open, non-proprietary, patent-and
royalty-free, general-purpose compressed audio format.

Several flaws were found in the way libvorbis processed audio data. An
attacker could create a carefully crafted OGG audio file in such a way that
it could cause an application linked with libvorbis to crash or execute
arbitrary code when it was opened. (CVE-2007-3106, CVE-2007-4029,
CVE-2007-4065, CVE-2007-4066)

Users of libvorbis are advised to upgrade to this updated package, which
contains backported patches that resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0845.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : High

CVSS Score:
6.8

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-3106
20070726 libvorbis 1.1.2 - Multiple memory corruption flaws
http://www.securityfocus.com/archive/1/474729/100/0/threaded
24923
http://secunia.com/advisories/24923
25082
http://www.securityfocus.com/bid/25082
26087
http://secunia.com/advisories/26087
26232
http://secunia.com/advisories/26232
26299
http://secunia.com/advisories/26299
26429
http://secunia.com/advisories/26429
26535
http://secunia.com/advisories/26535
26865
http://secunia.com/advisories/26865
27099
http://secunia.com/advisories/27099
28614
http://secunia.com/advisories/28614
ADV-2007-2698
http://www.vupen.com/english/advisories/2007/2698
ADV-2007-2760
http://www.vupen.com/english/advisories/2007/2760
DSA-1471
http://www.debian.org/security/2008/dsa-1471
GLSA-200710-03
http://security.gentoo.org/glsa/glsa-200710-03.xml
MDKSA-2007:167-1
http://www.mandriva.com/security/advisories?name=MDKSA-2007:167-1
RHSA-2007:0845
http://www.redhat.com/support/errata/RHSA-2007-0845.html
RHSA-2007:0912
http://www.redhat.com/support/errata/RHSA-2007-0912.html
USN-498-1
http://www.ubuntu.com/usn/usn-498-1
http://www.isecpartners.com/advisories/2007-003-libvorbis.txt
http://www.tellini.org/blog/archives/32-Music-Box-1.6.html
https://bugzilla.redhat.com/show_bug.cgi?id=245991
https://bugzilla.redhat.com/show_bug.cgi?id=249780
https://issues.rpath.com/browse/RPL-1590
https://trac.xiph.org/changeset/13160
libvorbis-inverse-code-execution(35622)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35622
oval:org.mitre.oval:def:11449
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11449
Common Vulnerability Exposure (CVE) ID: CVE-2007-4029
1018712
http://securitytracker.com/id?1018712
27439
http://secunia.com/advisories/27439
SUSE-SR:2007:023
http://www.novell.com/linux/security/advisories/2007_23_sr.html
libvorbis-blocksize-code-execution(35624)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35624
libvorbis-infoclear-code-execution(35623)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35623
oval:org.mitre.oval:def:10570
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10570
Common Vulnerability Exposure (CVE) ID: CVE-2007-4065
27170
http://secunia.com/advisories/27170
MDKSA-2007:194
http://www.mandriva.com/security/advisories?name=MDKSA-2007:194
http://svn.xiph.org/trunk/vorbis/CHANGES
https://trac.xiph.org/changeset/13217
oval:org.mitre.oval:def:9173
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9173
Common Vulnerability Exposure (CVE) ID: CVE-2007-4066
https://trac.xiph.org/changeset/13162
https://trac.xiph.org/changeset/13168
https://trac.xiph.org/changeset/13169
https://trac.xiph.org/changeset/13170
https://trac.xiph.org/changeset/13172
https://trac.xiph.org/changeset/13211
https://trac.xiph.org/changeset/13215
https://trac.xiph.org/ticket/300
https://trac.xiph.org/ticket/853
oval:org.mitre.oval:def:11453
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11453
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.