ID de Prueba:	1.3.6.1.4.1.25623.1.0.60696
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2008:0090
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2008:0090. The International Components for Unicode (ICU) library provides robust and full-featured Unicode services. Will Drewry reported multiple flaws in the way libicu processed certain malformed regular expressions. If an application linked against ICU, such as OpenOffice.org, processed a carefully crafted regular expression, it may be possible to execute arbitrary code as the user running the application. (CVE-2007-4770, CVE-2007-4771) All users of icu should upgrade to these updated packages, which contain backported patches to resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0090.html http://www.redhat.com/security/updates/classification/#important Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4770 BugTraq ID: 27455 http://www.securityfocus.com/bid/27455 Bugtraq: 20080206 rPSA-2008-0043-1 icu (Google Search) http://www.securityfocus.com/archive/1/487677/100/0/threaded Debian Security Information: DSA-1511 (Google Search) http://www.debian.org/security/2008/dsa-1511 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html http://security.gentoo.org/glsa/glsa-200803-20.xml http://security.gentoo.org/glsa/glsa-200805-16.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:026 http://sourceforge.net/mailarchive/message.php?msg_name=d03a2ffb0801221538x68825e42xb4a4aaf0fcccecbd%40mail.gmail.com https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11172 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5507 RedHat Security Advisories: RHSA-2008:0090 http://rhn.redhat.com/errata/RHSA-2008-0090.html http://securitytracker.com/id?1019269 http://secunia.com/advisories/28575 http://secunia.com/advisories/28615 http://secunia.com/advisories/28669 http://secunia.com/advisories/28783 http://secunia.com/advisories/29194 http://secunia.com/advisories/29242 http://secunia.com/advisories/29291 http://secunia.com/advisories/29294 http://secunia.com/advisories/29333 http://secunia.com/advisories/29852 http://secunia.com/advisories/29910 http://secunia.com/advisories/29987 http://secunia.com/advisories/30179 http://sunsolve.sun.com/search/document.do?assetkey=1-26-231641-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-233922-1 SuSE Security Announcement: SUSE-SA:2008:023 (Google Search) http://www.novell.com/linux/security/advisories/2008_23_openoffice.html SuSE Security Announcement: SUSE-SR:2008:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html http://www.ubuntu.com/usn/usn-591-1 http://www.vupen.com/english/advisories/2008/0282 http://www.vupen.com/english/advisories/2008/0807/references http://www.vupen.com/english/advisories/2008/1375/references XForce ISS Database: libicu-restackframes-dos(39938) https://exchange.xforce.ibmcloud.com/vulnerabilities/39938 Common Vulnerability Exposure (CVE) ID: CVE-2007-4771 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10507 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5431 XForce ISS Database: libicu-dointerval-bo(39936) https://exchange.xforce.ibmcloud.com/vulnerabilities/39936
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.