ID de Prueba:	1.3.6.1.4.1.25623.1.0.870811
Categoría:	Red Hat Local Security Checks
Título:	RedHat Update for tetex RHSA-2012:1201-01
Resumen:	The remote host is missing an update for the 'tetex'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'tetex' package(s) announced via the referenced advisory. Vulnerability Insight: teTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent (DVI) file as output. teTeX embeds a copy of t1lib to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code: Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics (AFM) files. If a specially-crafted font file was opened by teTeX, it could cause teTeX to crash or, potentially, execute arbitrary code with the privileges of the user running teTeX. (CVE-2010-2642, CVE-2011-0433) An invalid pointer dereference flaw was found in t1lib. A specially-crafted font file could, when opened, cause teTeX to crash or, potentially, execute arbitrary code with the privileges of the user running teTeX. (CVE-2011-0764) Red Hat would like to thank the Evince development team for reporting CVE-2010-2642. Upstream acknowledges Jon Larimer of IBM X-Force as the original reporter of CVE-2010-2642. All users of tetex are advised to upgrade to these updated packages, which contain backported patches to correct these issues. Affected Software/OS: tetex on Red Hat Enterprise Linux (v. 5 server) Solution: Please Install the Updated Packages. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2642 BugTraq ID: 45678 http://www.securityfocus.com/bid/45678 Debian Security Information: DSA-2357 (Google Search) http://www.debian.org/security/2011/dsa-2357 http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052995.html https://security.gentoo.org/glsa/201701-57 http://lists.mandriva.com/security-announce/2011-01/msg00006.php http://www.mandriva.com/security/advisories?name=MDVSA-2011:016 http://www.mandriva.com/security/advisories?name=MDVSA-2011:017 http://www.mandriva.com/security/advisories?name=MDVSA-2012:144 http://www.redhat.com/support/errata/RHSA-2011-0009.html RedHat Security Advisories: RHSA-2012:1201 http://rhn.redhat.com/errata/RHSA-2012-1201.html http://www.securitytracker.com/id?1024937 http://secunia.com/advisories/42769 http://secunia.com/advisories/42821 http://secunia.com/advisories/42847 http://secunia.com/advisories/42872 SuSE Security Announcement: SUSE-SR:2011:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://www.ubuntu.com/usn/USN-1035-1 http://www.vupen.com/english/advisories/2011/0029 http://www.vupen.com/english/advisories/2011/0043 http://www.vupen.com/english/advisories/2011/0056 http://www.vupen.com/english/advisories/2011/0097 http://www.vupen.com/english/advisories/2011/0102 http://www.vupen.com/english/advisories/2011/0193 http://www.vupen.com/english/advisories/2011/0194 Common Vulnerability Exposure (CVE) ID: CVE-2010-3702 42141 http://secunia.com/advisories/42141 42357 http://secunia.com/advisories/42357 42397 http://secunia.com/advisories/42397 42691 http://secunia.com/advisories/42691 43079 http://secunia.com/advisories/43079 43845 http://www.securityfocus.com/bid/43845 ADV-2010-2897 http://www.vupen.com/english/advisories/2010/2897 ADV-2010-3097 http://www.vupen.com/english/advisories/2010/3097 ADV-2011-0230 http://www.vupen.com/english/advisories/2011/0230 DSA-2119 http://www.debian.org/security/2010/dsa-2119 DSA-2135 http://www.debian.org/security/2010/dsa-2135 FEDORA-2010-15857 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html FEDORA-2010-15911 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html FEDORA-2010-15981 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html FEDORA-2010-16662 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html FEDORA-2010-16705 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html FEDORA-2010-16744 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html MDVSA-2010:228 http://www.mandriva.com/security/advisories?name=MDVSA-2010:228 MDVSA-2010:229 http://www.mandriva.com/security/advisories?name=MDVSA-2010:229 MDVSA-2010:230 http://www.mandriva.com/security/advisories?name=MDVSA-2010:230 MDVSA-2010:231 http://www.mandriva.com/security/advisories?name=MDVSA-2010:231 MDVSA-2012:144 RHSA-2010:0749 http://www.redhat.com/support/errata/RHSA-2010-0749.html RHSA-2010:0750 http://www.redhat.com/support/errata/RHSA-2010-0750.html RHSA-2010:0751 http://www.redhat.com/support/errata/RHSA-2010-0751.html RHSA-2010:0752 http://www.redhat.com/support/errata/RHSA-2010-0752.html RHSA-2010:0753 http://www.redhat.com/support/errata/RHSA-2010-0753.html RHSA-2010:0754 http://www.redhat.com/support/errata/RHSA-2010-0754.html RHSA-2010:0755 http://www.redhat.com/support/errata/RHSA-2010-0755.html RHSA-2010:0859 http://www.redhat.com/support/errata/RHSA-2010-0859.html RHSA-2012:1201 SSA:2010-324-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720 SUSE-SR:2010:022 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html SUSE-SR:2010:023 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html SUSE-SR:2010:024 http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html USN-1005-1 http://www.ubuntu.com/usn/USN-1005-1 [oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark http://www.openwall.com/lists/oss-security/2010/10/04/6 ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html https://bugzilla.redhat.com/show_bug.cgi?id=595245 Common Vulnerability Exposure (CVE) ID: CVE-2010-3704 43841 http://www.securityfocus.com/bid/43841 http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473 https://bugzilla.redhat.com/show_bug.cgi?id=638960 Common Vulnerability Exposure (CVE) ID: CVE-2011-0433 http://xorl.wordpress.com/2011/02/20/cve-2011-0433-evince-linetoken-buffer-overflow/ http://secunia.com/advisories/48985 Common Vulnerability Exposure (CVE) ID: CVE-2011-0764 BugTraq ID: 46941 http://www.securityfocus.com/bid/46941 Bugtraq: 20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution (Google Search) http://www.securityfocus.com/archive/1/517205/100/0/threaded CERT/CC vulnerability note: VU#376500 http://www.kb.cert.org/vuls/id/376500 http://www.mandriva.com/security/advisories?name=MDVSA-2012:002 http://www.toucan-system.com/advisories/tssa-2011-01.txt http://securitytracker.com/id?1025266 http://secunia.com/advisories/43823 http://secunia.com/advisories/47347 http://securityreason.com/securityalert/8171 http://www.ubuntu.com/usn/USN-1316-1 http://www.vupen.com/english/advisories/2011/0728 XForce ISS Database: xpdf-t1lib-code-execution(66208) https://exchange.xforce.ibmcloud.com/vulnerabilities/66208 Common Vulnerability Exposure (CVE) ID: CVE-2011-1552 Common Vulnerability Exposure (CVE) ID: CVE-2011-1553 Common Vulnerability Exposure (CVE) ID: CVE-2011-1554
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.