Red Hat Local Security Checks : RedHat Security Advisory RHSA-2009:0269

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63319

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2009:0269

Resumen: The remote host is missing updates announced in;advisory RHSA-2009:0269.;;The gstreamer-plugins package contains plug-ins used by the GStreamer;streaming-media framework to support a wide variety of media types.;;An array indexing error was found in the GStreamer's QuickTime media file;format decoding plug-in. An attacker could create a carefully-crafted;QuickTime media .mov file that would cause an application using GStreamer;to crash or, potentially, execute arbitrary code if played by a victim.;(CVE-2009-0398);;All users of gstreamer-plugins are advised to upgrade to these updated;packages, which contain a backported patch to correct this issue. After;installing the update, all applications using GStreamer (such as;nautilus-media) must be restarted for the changes to take effect.

Descripción: Summary:
The remote host is missing updates announced in
advisory RHSA-2009:0269.

The gstreamer-plugins package contains plug-ins used by the GStreamer
streaming-media framework to support a wide variety of media types.

An array indexing error was found in the GStreamer's QuickTime media file
format decoding plug-in. An attacker could create a carefully-crafted
QuickTime media .mov file that would cause an application using GStreamer
to crash or, potentially, execute arbitrary code if played by a victim.
(CVE-2009-0398)

All users of gstreamer-plugins are advised to upgrade to these updated
packages, which contain a backported patch to correct this issue. After
installing the update, all applications using GStreamer (such as
nautilus-media) must be restarted for the changes to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-0398
http://www.openwall.com/lists/oss-security/2009/01/29/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9886
http://www.redhat.com/support/errata/RHSA-2009-0269.html
http://secunia.com/advisories/33830

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63319
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2009:0269
Resumen:	The remote host is missing updates announced in;advisory RHSA-2009:0269.;;The gstreamer-plugins package contains plug-ins used by the GStreamer;streaming-media framework to support a wide variety of media types.;;An array indexing error was found in the GStreamer's QuickTime media file;format decoding plug-in. An attacker could create a carefully-crafted;QuickTime media .mov file that would cause an application using GStreamer;to crash or, potentially, execute arbitrary code if played by a victim.;(CVE-2009-0398);;All users of gstreamer-plugins are advised to upgrade to these updated;packages, which contain a backported patch to correct this issue. After;installing the update, all applications using GStreamer (such as;nautilus-media) must be restarted for the changes to take effect.
Descripción:	Summary: The remote host is missing updates announced in advisory RHSA-2009:0269. The gstreamer-plugins package contains plug-ins used by the GStreamer streaming-media framework to support a wide variety of media types. An array indexing error was found in the GStreamer's QuickTime media file format decoding plug-in. An attacker could create a carefully-crafted QuickTime media .mov file that would cause an application using GStreamer to crash or, potentially, execute arbitrary code if played by a victim. (CVE-2009-0398) All users of gstreamer-plugins are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, all applications using GStreamer (such as nautilus-media) must be restarted for the changes to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0398 http://www.openwall.com/lists/oss-security/2009/01/29/3 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9886 http://www.redhat.com/support/errata/RHSA-2009-0269.html http://secunia.com/advisories/33830
Copyright	Copyright (C) 2009 E-Soft Inc.