Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2009:130-1 (gstreamer0.10-plugins-good)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.66393

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2009:130-1 (gstreamer0.10-plugins-good)

Resumen: The remote host is missing an update to gstreamer0.10-plugins-good;announced via advisory MDVSA-2009:130-1.

Descripción: Summary:
The remote host is missing an update to gstreamer0.10-plugins-good
announced via advisory MDVSA-2009:130-1.

Vulnerability Insight:
Multiple integer overflows in the (1) user_info_callback,
(2) user_endrow_callback, and (3) gst_pngdec_task functions
(ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka
gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote
attackers to cause a denial of service and possibly execute arbitrary
code via a crafted PNG file, which triggers a buffer overflow
(CVE-2009-1932).

Update:

Packages for 2008.0 are being provided due to extended support for
Corporate products.

Affected: 2008.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-1932
BugTraq ID: 35172
http://www.securityfocus.com/bid/35172
Debian Security Information: DSA-1839 (Google Search)
http://www.debian.org/security/2009/dsa-1839
http://security.gentoo.org/glsa/glsa-200907-11.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:130
http://osvdb.org/54827
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10798
http://www.redhat.com/support/errata/RHSA-2009-1123.html
http://secunia.com/advisories/35205
http://secunia.com/advisories/35583
http://secunia.com/advisories/35777
http://secunia.com/advisories/35897
http://www.vupen.com/english/advisories/2009/1506

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.66393
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2009:130-1 (gstreamer0.10-plugins-good)
Resumen:	The remote host is missing an update to gstreamer0.10-plugins-good;announced via advisory MDVSA-2009:130-1.
Descripción:	Summary: The remote host is missing an update to gstreamer0.10-plugins-good announced via advisory MDVSA-2009:130-1. Vulnerability Insight: Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow (CVE-2009-1932). Update: Packages for 2008.0 are being provided due to extended support for Corporate products. Affected: 2008.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1932 BugTraq ID: 35172 http://www.securityfocus.com/bid/35172 Debian Security Information: DSA-1839 (Google Search) http://www.debian.org/security/2009/dsa-1839 http://security.gentoo.org/glsa/glsa-200907-11.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:130 http://osvdb.org/54827 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10798 http://www.redhat.com/support/errata/RHSA-2009-1123.html http://secunia.com/advisories/35205 http://secunia.com/advisories/35583 http://secunia.com/advisories/35777 http://secunia.com/advisories/35897 http://www.vupen.com/english/advisories/2009/1506
Copyright	Copyright (C) 2009 E-Soft Inc.