Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.59960
Categoría:Debian Local Security Checks
Título:Debian Security Advisory DSA 1426-1 (qt-x11-free)
Resumen:NOSUMMARY
Descripción:Description:
The remote host is missing an update to qt-x11-free
announced via advisory DSA 1426-1.

Several local/remote vulnerabilities have been discovered in the Qt GUI
Library. The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2007-3388

Tim Brown and Dirk Müller discovered several format string
vulnerabilities in the handling of error messages, which might lead
to the execution of arbitrary code.

CVE-2007-4137

Dirk Müller discovered an off-by-one buffer overflow in the Unicode
handling, which might lead to the execution of arbitrary code.

For the old stable distribution (sarge), these problems have been fixed
in version 3:3.3.4-3sarge3. Packages for m68k will be provided later.

For the stable distribution (etch), these problems have been fixed in
version 3:3.3.7-4etch1.

For the unstable distribution (sid), these problems have been fixed in
version 3:3.3.7-8.

We recommend that you upgrade your qt-x11-free packages.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%201426-1

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-3388
BugTraq ID: 25154
http://www.securityfocus.com/bid/25154
Bugtraq: 20070803 FLEA-2007-0042-1 qt (Google Search)
http://www.securityfocus.com/archive/1/475480/30/5550/threaded
Debian Security Information: DSA-1426 (Google Search)
http://www.debian.org/security/2007/dsa-1426
http://fedoranews.org/updates/FEDORA-2007-221.shtml
http://fedoranews.org/updates/FEDORA-2007-703.shtml
http://www.gentoo.org/security/en/glsa/glsa-200708-16.xml
http://www.gentoo.org/security/en/glsa/glsa-200710-28.xml
http://security.gentoo.org/glsa/glsa-200712-08.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:151
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9690
http://www.redhat.com/support/errata/RHSA-2007-0721.html
http://securitytracker.com/id?1018485
http://secunia.com/advisories/24460
http://secunia.com/advisories/26264
http://secunia.com/advisories/26284
http://secunia.com/advisories/26291
http://secunia.com/advisories/26295
http://secunia.com/advisories/26298
http://secunia.com/advisories/26306
http://secunia.com/advisories/26385
http://secunia.com/advisories/26607
http://secunia.com/advisories/26804
http://secunia.com/advisories/26852
http://secunia.com/advisories/26882
http://secunia.com/advisories/27996
http://secunia.com/advisories/28021
SGI Security Advisory: 20070801-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.354168
SuSE Security Announcement: SUSE-SA:2007:048 (Google Search)
http://www.novell.com/linux/security/advisories/2007_48_qt3.html
http://www.ubuntu.com/usn/usn-495-1
http://www.vupen.com/english/advisories/2007/2733
Common Vulnerability Exposure (CVE) ID: CVE-2007-4137
BugTraq ID: 25657
http://www.securityfocus.com/bid/25657
Bugtraq: 20071004 FLEA-2007-0059-1 qt qt-tools (Google Search)
http://www.securityfocus.com/archive/1/481498/100/0/threaded
http://security.gentoo.org/glsa/glsa-200710-28.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:183
http://dist.trolltech.com/developer/download/175791_3.diff
http://dist.trolltech.com/developer/download/175791_4.diff
https://bugzilla.redhat.com/show_bug.cgi?id=269001
http://osvdb.org/39384
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159
http://www.redhat.com/support/errata/RHSA-2007-0883.html
http://securitytracker.com/id?1018688
http://secunia.com/advisories/26778
http://secunia.com/advisories/26782
http://secunia.com/advisories/26811
http://secunia.com/advisories/26857
http://secunia.com/advisories/26868
http://secunia.com/advisories/26987
http://secunia.com/advisories/27053
http://secunia.com/advisories/27275
http://secunia.com/advisories/27382
SGI Security Advisory: 20070901-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc
SuSE Security Announcement: SUSE-SR:2007:019 (Google Search)
http://www.novell.com/linux/security/advisories/2007_19_sr.html
http://www.ubuntu.com/usn/usn-513-1
http://www.vupen.com/english/advisories/2007/3144
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.