Red Hat Local Security Checks : RedHat Security Advisory RHSA-2010:0003

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.66628

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2010:0003

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory RHSA-2010:0003.

The gd packages provide a graphics library used for the dynamic creation of
images, such as PNG and JPEG.

A missing input sanitization flaw, leading to a buffer overflow, was
discovered in the gd library. A specially-crafted GD image file could cause
an application using the gd library to crash or, possibly, execute
arbitrary code when opened. (CVE-2009-3546)

Users of gd should upgrade to these updated packages, which contain a
backported patch to resolve this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2010-0003.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-3546
36712
http://www.securityfocus.com/bid/36712
37069
http://secunia.com/advisories/37069
37080
http://secunia.com/advisories/37080
38055
http://secunia.com/advisories/38055
ADV-2009-2929
http://www.vupen.com/english/advisories/2009/2929
ADV-2009-2930
http://www.vupen.com/english/advisories/2009/2930
MDVSA-2009:285
http://www.mandriva.com/security/advisories?name=MDVSA-2009:285
RHSA-2010:0003
http://www.redhat.com/support/errata/RHSA-2010-0003.html
[oss-security] 20091015 Re: CVE Request -- PHP 5 - 5.2.11
http://marc.info/?l=oss-security&m=125562113503923&w=2
[oss-security] 20091120 Re: CVE request: php 5.3.1 update
http://www.openwall.com/lists/oss-security/2009/11/20/5
http://svn.php.net/viewvc?view=revision&revision=289557
oval:org.mitre.oval:def:11199
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11199

Copyright Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.66628
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2010:0003
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2010:0003. The gd packages provide a graphics library used for the dynamic creation of images, such as PNG and JPEG. A missing input sanitization flaw, leading to a buffer overflow, was discovered in the gd library. A specially-crafted GD image file could cause an application using the gd library to crash or, possibly, execute arbitrary code when opened. (CVE-2009-3546) Users of gd should upgrade to these updated packages, which contain a backported patch to resolve this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0003.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3546 36712 http://www.securityfocus.com/bid/36712 37069 http://secunia.com/advisories/37069 37080 http://secunia.com/advisories/37080 38055 http://secunia.com/advisories/38055 ADV-2009-2929 http://www.vupen.com/english/advisories/2009/2929 ADV-2009-2930 http://www.vupen.com/english/advisories/2009/2930 MDVSA-2009:285 http://www.mandriva.com/security/advisories?name=MDVSA-2009:285 RHSA-2010:0003 http://www.redhat.com/support/errata/RHSA-2010-0003.html [oss-security] 20091015 Re: CVE Request -- PHP 5 - 5.2.11 http://marc.info/?l=oss-security&m=125562113503923&w=2 [oss-security] 20091120 Re: CVE request: php 5.3.1 update http://www.openwall.com/lists/oss-security/2009/11/20/5 http://svn.php.net/viewvc?view=revision&revision=289557 oval:org.mitre.oval:def:11199 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11199
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com