FreeBSD Local Security Checks : FreeBSD Ports: imlib2, imlib2-nox11

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.61913

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: imlib2, imlib2-nox11

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

imlib2
imlib2-nox11

CVE-2008-5187
The load function in the XPM loader for imlib2 1.4.2, and possibly
other versions, allows attackers to cause a denial of service (crash)
and possibly execute arbitrary code via a crafted XPM file that
triggers a 'pointer arithmetic error' and a heap-based buffer
overflow, a different vulnerability than CVE-2008-2426. NOTE: the
provenance of this information is unknown. The details are obtained
solely from third party information.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-5187
BugTraq ID: 32371
http://www.securityfocus.com/bid/32371
Debian Security Information: DSA-1672 (Google Search)
http://www.debian.org/security/2008/dsa-1672
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00856.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00858.html
http://security.gentoo.org/glsa/glsa-200812-23.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:019
http://www.openwall.com/lists/oss-security/2008/11/20/5
http://osvdb.org/49970
http://secunia.com/advisories/32796
http://secunia.com/advisories/32843
http://secunia.com/advisories/32949
http://secunia.com/advisories/32963
http://secunia.com/advisories/33323
http://secunia.com/advisories/33568
SuSE Security Announcement: SUSE-SR:2009:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
http://www.ubuntu.com/usn/USN-683-1
http://www.vupen.com/english/advisories/2008/3212

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.61913
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: imlib2, imlib2-nox11
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: imlib2 imlib2-nox11 CVE-2008-5187 The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a 'pointer arithmetic error' and a heap-based buffer overflow, a different vulnerability than CVE-2008-2426. NOTE: the provenance of this information is unknown. The details are obtained solely from third party information. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5187 BugTraq ID: 32371 http://www.securityfocus.com/bid/32371 Debian Security Information: DSA-1672 (Google Search) http://www.debian.org/security/2008/dsa-1672 https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00856.html https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00858.html http://security.gentoo.org/glsa/glsa-200812-23.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:019 http://www.openwall.com/lists/oss-security/2008/11/20/5 http://osvdb.org/49970 http://secunia.com/advisories/32796 http://secunia.com/advisories/32843 http://secunia.com/advisories/32949 http://secunia.com/advisories/32963 http://secunia.com/advisories/33323 http://secunia.com/advisories/33568 SuSE Security Announcement: SUSE-SR:2009:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html http://www.ubuntu.com/usn/USN-683-1 http://www.vupen.com/english/advisories/2008/3212
Copyright	Copyright (C) 2008 E-Soft Inc.