FreeBSD Local Security Checks : FreeBSD Ports: libsndfile

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.64121

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: libsndfile

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: libsndfile

CVE-2009-1788
Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15
through 1.0.19, as used in Winamp 5.552 and possibly other media
programs, allows remote attackers to cause a denial of service
(application crash) and possibly execute arbitrary code via a VOC file
with an invalid header value.

CVE-2009-1791
Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15
through 1.0.19, as used in Winamp 5.552 and possibly other media
programs, allows remote attackers to cause a denial of service
(application crash) and possibly execute arbitrary code via an AIFF
file with an invalid header value.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-1788
BugTraq ID: 34978
http://www.securityfocus.com/bid/34978
Debian Security Information: DSA-1814 (Google Search)
http://www.debian.org/security/2009/dsa-1814
http://security.gentoo.org/glsa/glsa-200905-09.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:132
http://trapkit.de/advisories/TKADV2009-006.txt
http://secunia.com/advisories/35076
http://secunia.com/advisories/35126
http://secunia.com/advisories/35247
http://secunia.com/advisories/35443
http://www.vupen.com/english/advisories/2009/1324
http://www.vupen.com/english/advisories/2009/1348
XForce ISS Database: libsndfile-aiff-voc-bo(50541)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50541
XForce ISS Database: libsndfile-voc-bo(50827)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50827
Common Vulnerability Exposure (CVE) ID: CVE-2009-1791

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.64121
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: libsndfile
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: libsndfile CVE-2009-1788 Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value. CVE-2009-1791 Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1788 BugTraq ID: 34978 http://www.securityfocus.com/bid/34978 Debian Security Information: DSA-1814 (Google Search) http://www.debian.org/security/2009/dsa-1814 http://security.gentoo.org/glsa/glsa-200905-09.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:132 http://trapkit.de/advisories/TKADV2009-006.txt http://secunia.com/advisories/35076 http://secunia.com/advisories/35126 http://secunia.com/advisories/35247 http://secunia.com/advisories/35443 http://www.vupen.com/english/advisories/2009/1324 http://www.vupen.com/english/advisories/2009/1348 XForce ISS Database: libsndfile-aiff-voc-bo(50541) https://exchange.xforce.ibmcloud.com/vulnerabilities/50541 XForce ISS Database: libsndfile-voc-bo(50827) https://exchange.xforce.ibmcloud.com/vulnerabilities/50827 Common Vulnerability Exposure (CVE) ID: CVE-2009-1791
Copyright	Copyright (C) 2009 E-Soft Inc.