ID de Prueba:	1.3.6.1.4.1.25623.1.0.64180
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2009:129 (file)
Resumen:	The remote host is missing an update to file;announced via advisory MDVSA-2009:129.
Descripción:	Summary: The remote host is missing an update to file announced via advisory MDVSA-2009:129. Vulnerability Insight: A security vulnerability has been identified and fixed in file: Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these details are obtained from third party information (CVE-2009-1515). This update provides file-5.03, which is not vulnerable to this, and other unspecified issues. Affected: 2009.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1515 BugTraq ID: 34745 http://www.securityfocus.com/bid/34745 http://www.mandriva.com/security/advisories?name=MDVSA-2009:129 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=515603 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525820 http://mx.gw.com/pipermail/file/2009/000379.html http://www.osvdb.org/54100 http://secunia.com/advisories/34881
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.