Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200806-10 (freetype)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.61184

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200806-10 (freetype)

Resumen: The remote host is missing updates announced in;advisory GLSA 200806-10.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200806-10.

Vulnerability Insight:
Font parsing vulnerabilities in FreeType might lead to user-assisted
execution of arbitrary code.

Solution:
All FreeType users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/freetype-2.3.6'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-1806
http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html
http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
BugTraq ID: 29640
http://www.securityfocus.com/bid/29640
Bugtraq: 20080814 rPSA-2008-0255-1 freetype (Google Search)
http://www.securityfocus.com/archive/1/495497/100/0/threaded
Bugtraq: 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. (Google Search)
http://www.securityfocus.com/archive/1/495869/100/0/threaded
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
http://security.gentoo.org/glsa/glsa-200806-10.xml
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715
http://www.mandriva.com/security/advisories?name=MDVSA-2008:121
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9321
http://www.redhat.com/support/errata/RHSA-2008-0556.html
http://www.redhat.com/support/errata/RHSA-2008-0558.html
http://securitytracker.com/id?1020238
http://secunia.com/advisories/30600
http://secunia.com/advisories/30721
http://secunia.com/advisories/30740
http://secunia.com/advisories/30766
http://secunia.com/advisories/30819
http://secunia.com/advisories/30821
http://secunia.com/advisories/30967
http://secunia.com/advisories/31479
http://secunia.com/advisories/31577
http://secunia.com/advisories/31707
http://secunia.com/advisories/31709
http://secunia.com/advisories/31711
http://secunia.com/advisories/31712
http://secunia.com/advisories/31823
http://secunia.com/advisories/31856
http://secunia.com/advisories/31900
http://secunia.com/advisories/33937
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1
SuSE Security Announcement: SUSE-SR:2008:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
http://www.ubuntu.com/usn/usn-643-1
http://www.vupen.com/english/advisories/2008/1794
http://www.vupen.com/english/advisories/2008/1876/references
http://www.vupen.com/english/advisories/2008/2423
http://www.vupen.com/english/advisories/2008/2466
http://www.vupen.com/english/advisories/2008/2525
http://www.vupen.com/english/advisories/2008/2558
Common Vulnerability Exposure (CVE) ID: CVE-2008-1807
BugTraq ID: 29641
http://www.securityfocus.com/bid/29641
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9767
http://securitytracker.com/id?1020239
Common Vulnerability Exposure (CVE) ID: CVE-2008-1808
BugTraq ID: 29637
http://www.securityfocus.com/bid/29637
BugTraq ID: 29639
http://www.securityfocus.com/bid/29639
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=717
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11188
http://www.redhat.com/support/errata/RHSA-2009-0329.html
http://securitytracker.com/id?1020240
http://secunia.com/advisories/35204

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.61184
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200806-10 (freetype)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200806-10.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200806-10. Vulnerability Insight: Font parsing vulnerabilities in FreeType might lead to user-assisted execution of arbitrary code. Solution: All FreeType users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/freetype-2.3.6' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1806 http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html BugTraq ID: 29640 http://www.securityfocus.com/bid/29640 Bugtraq: 20080814 rPSA-2008-0255-1 freetype (Google Search) http://www.securityfocus.com/archive/1/495497/100/0/threaded Bugtraq: 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. (Google Search) http://www.securityfocus.com/archive/1/495869/100/0/threaded https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html http://security.gentoo.org/glsa/glsa-200806-10.xml http://security.gentoo.org/glsa/glsa-201209-25.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715 http://www.mandriva.com/security/advisories?name=MDVSA-2008:121 http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9321 http://www.redhat.com/support/errata/RHSA-2008-0556.html http://www.redhat.com/support/errata/RHSA-2008-0558.html http://securitytracker.com/id?1020238 http://secunia.com/advisories/30600 http://secunia.com/advisories/30721 http://secunia.com/advisories/30740 http://secunia.com/advisories/30766 http://secunia.com/advisories/30819 http://secunia.com/advisories/30821 http://secunia.com/advisories/30967 http://secunia.com/advisories/31479 http://secunia.com/advisories/31577 http://secunia.com/advisories/31707 http://secunia.com/advisories/31709 http://secunia.com/advisories/31711 http://secunia.com/advisories/31712 http://secunia.com/advisories/31823 http://secunia.com/advisories/31856 http://secunia.com/advisories/31900 http://secunia.com/advisories/33937 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1 SuSE Security Announcement: SUSE-SR:2008:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html http://www.ubuntu.com/usn/usn-643-1 http://www.vupen.com/english/advisories/2008/1794 http://www.vupen.com/english/advisories/2008/1876/references http://www.vupen.com/english/advisories/2008/2423 http://www.vupen.com/english/advisories/2008/2466 http://www.vupen.com/english/advisories/2008/2525 http://www.vupen.com/english/advisories/2008/2558 Common Vulnerability Exposure (CVE) ID: CVE-2008-1807 BugTraq ID: 29641 http://www.securityfocus.com/bid/29641 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9767 http://securitytracker.com/id?1020239 Common Vulnerability Exposure (CVE) ID: CVE-2008-1808 BugTraq ID: 29637 http://www.securityfocus.com/bid/29637 BugTraq ID: 29639 http://www.securityfocus.com/bid/29639 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=717 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11188 http://www.redhat.com/support/errata/RHSA-2009-0329.html http://securitytracker.com/id?1020240 http://secunia.com/advisories/35204
Copyright	Copyright (C) 2008 E-Soft Inc.