Red Hat Local Security Checks : RedHat Security Advisory RHSA-2007:0975

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58965

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2007:0975

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2007:0975.

FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC
encoder and decoder in library form, a program to encode and decode FLAC
files, a metadata editor for FLAC files and input plugins for various music
players.

A security flaw was found in the way flac processed audio data. An
attacker could create a carefully crafted FLAC audio file in such a way that
it could cause an application linked with flac libraries to crash or execute
arbitrary code when it was opened. (CVE-2007-4619)

Users of flac are advised to upgrade to this updated package, which
contains a backported patch that resolves this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0975.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-4619
BugTraq ID: 26042
http://www.securityfocus.com/bid/26042
Debian Security Information: DSA-1469 (Google Search)
http://www.debian.org/security/2008/dsa-1469
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00035.html
http://security.gentoo.org/glsa/glsa-200711-15.xml
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608
http://www.mandriva.com/security/advisories?name=MDKSA-2007:214
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10571
http://www.redhat.com/support/errata/RHSA-2007-0975.html
http://securitytracker.com/id?1018815
http://secunia.com/advisories/27210
http://secunia.com/advisories/27223
http://secunia.com/advisories/27355
http://secunia.com/advisories/27399
http://secunia.com/advisories/27507
http://secunia.com/advisories/27601
http://secunia.com/advisories/27625
http://secunia.com/advisories/27628
http://secunia.com/advisories/27780
http://secunia.com/advisories/27878
http://secunia.com/advisories/28548
SuSE Security Announcement: SUSE-SR:2007:022 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html
http://www.ubuntu.com/usn/usn-540-1
http://www.vupen.com/english/advisories/2007/3483
http://www.vupen.com/english/advisories/2007/3484
http://www.vupen.com/english/advisories/2007/4061
XForce ISS Database: flac-media-files-bo(37187)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37187

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58965
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0975
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0975. FLAC is a Free Lossless Audio Codec. The flac package consists of a FLAC encoder and decoder in library form, a program to encode and decode FLAC files, a metadata editor for FLAC files and input plugins for various music players. A security flaw was found in the way flac processed audio data. An attacker could create a carefully crafted FLAC audio file in such a way that it could cause an application linked with flac libraries to crash or execute arbitrary code when it was opened. (CVE-2007-4619) Users of flac are advised to upgrade to this updated package, which contains a backported patch that resolves this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0975.html http://www.redhat.com/security/updates/classification/#important Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4619 BugTraq ID: 26042 http://www.securityfocus.com/bid/26042 Debian Security Information: DSA-1469 (Google Search) http://www.debian.org/security/2008/dsa-1469 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00035.html http://security.gentoo.org/glsa/glsa-200711-15.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608 http://www.mandriva.com/security/advisories?name=MDKSA-2007:214 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10571 http://www.redhat.com/support/errata/RHSA-2007-0975.html http://securitytracker.com/id?1018815 http://secunia.com/advisories/27210 http://secunia.com/advisories/27223 http://secunia.com/advisories/27355 http://secunia.com/advisories/27399 http://secunia.com/advisories/27507 http://secunia.com/advisories/27601 http://secunia.com/advisories/27625 http://secunia.com/advisories/27628 http://secunia.com/advisories/27780 http://secunia.com/advisories/27878 http://secunia.com/advisories/28548 SuSE Security Announcement: SUSE-SR:2007:022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://www.ubuntu.com/usn/usn-540-1 http://www.vupen.com/english/advisories/2007/3483 http://www.vupen.com/english/advisories/2007/3484 http://www.vupen.com/english/advisories/2007/4061 XForce ISS Database: flac-media-files-bo(37187) https://exchange.xforce.ibmcloud.com/vulnerabilities/37187
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com