ID de Prueba:	1.3.6.1.4.1.25623.1.0.66340
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: libvorbis
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: libvorbis CVE-2008-1420 Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. CVE-2009-3379 Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE-2009-2663. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1420 BugTraq ID: 29206 http://www.securityfocus.com/bid/29206 Debian Security Information: DSA-1591 (Google Search) http://www.debian.org/security/2008/dsa-1591 https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00247.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00256.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00243.html http://security.gentoo.org/glsa/glsa-200806-09.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:102 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9500 http://www.redhat.com/support/errata/RHSA-2008-0270.html http://www.redhat.com/support/errata/RHSA-2008-0271.html http://www.securitytracker.com/id?1020029 http://secunia.com/advisories/30234 http://secunia.com/advisories/30237 http://secunia.com/advisories/30247 http://secunia.com/advisories/30259 http://secunia.com/advisories/30479 http://secunia.com/advisories/30581 http://secunia.com/advisories/30820 http://secunia.com/advisories/32946 http://secunia.com/advisories/36463 SuSE Security Announcement: SUSE-SR:2008:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://www.ubuntu.com/usn/USN-682-1 https://usn.ubuntu.com/825-1/ http://www.vupen.com/english/advisories/2008/1510/references XForce ISS Database: libvorbis-residue-bo(42402) https://exchange.xforce.ibmcloud.com/vulnerabilities/42402 Common Vulnerability Exposure (CVE) ID: CVE-2009-3379 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00315.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00369.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:294 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10993 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6582 http://www.redhat.com/support/errata/RHSA-2009-1561.html http://secunia.com/advisories/37306 http://secunia.com/advisories/37340 http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1 http://www.ubuntu.com/usn/USN-861-1 http://www.vupen.com/english/advisories/2009/3334
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.