Mandrake Local Security Checks : Mandrake Security Advisory MDVSA-2009:145 (php)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.64339

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDVSA-2009:145 (php)

Resumen: The remote host is missing an update to php;announced via advisory MDVSA-2009:145.

Descripción: Summary:
The remote host is missing an update to php
announced via advisory MDVSA-2009:145.

Vulnerability Insight:
A vulnerability has been found and corrected in PHP:

- Fixed upstream bug #48378 (exif_read_data() segfaults on certain
corrupted .jpeg files).

The updated packages have been patched to correct these issues.

Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-2687
BugTraq ID: 35440
http://www.securityfocus.com/bid/35440
Debian Security Information: DSA-1940 (Google Search)
http://www.debian.org/security/2009/dsa-1940
HPdes Security Advisory: HPSBUX02543
http://marc.info/?l=bugtraq&m=127680701405735&w=2
HPdes Security Advisory: SSRT100152
http://www.mandriva.com/security/advisories?name=MDVSA-2009:145
http://www.mandriva.com/security/advisories?name=MDVSA-2009:167
http://osvdb.org/55222
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10695
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6655
http://secunia.com/advisories/35441
http://secunia.com/advisories/36462
http://secunia.com/advisories/37482
http://secunia.com/advisories/40262
SuSE Security Announcement: SUSE-SR:2009:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
https://usn.ubuntu.com/824-1/
http://www.vupen.com/english/advisories/2009/1632
XForce ISS Database: php-exifreaddata-dos(51253)
https://exchange.xforce.ibmcloud.com/vulnerabilities/51253

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.64339
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2009:145 (php)
Resumen:	The remote host is missing an update to php;announced via advisory MDVSA-2009:145.
Descripción:	Summary: The remote host is missing an update to php announced via advisory MDVSA-2009:145. Vulnerability Insight: A vulnerability has been found and corrected in PHP: - Fixed upstream bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files). The updated packages have been patched to correct these issues. Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2687 BugTraq ID: 35440 http://www.securityfocus.com/bid/35440 Debian Security Information: DSA-1940 (Google Search) http://www.debian.org/security/2009/dsa-1940 HPdes Security Advisory: HPSBUX02543 http://marc.info/?l=bugtraq&m=127680701405735&w=2 HPdes Security Advisory: SSRT100152 http://www.mandriva.com/security/advisories?name=MDVSA-2009:145 http://www.mandriva.com/security/advisories?name=MDVSA-2009:167 http://osvdb.org/55222 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10695 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6655 http://secunia.com/advisories/35441 http://secunia.com/advisories/36462 http://secunia.com/advisories/37482 http://secunia.com/advisories/40262 SuSE Security Announcement: SUSE-SR:2009:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html https://usn.ubuntu.com/824-1/ http://www.vupen.com/english/advisories/2009/1632 XForce ISS Database: php-exifreaddata-dos(51253) https://exchange.xforce.ibmcloud.com/vulnerabilities/51253
Copyright	Copyright (C) 2009 E-Soft Inc.