Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2013-0315)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2013.0315

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2013-0315)

Resumen: The remote host is missing an update for the 'icu' package(s) announced via the MGASA-2013-0315 advisory.

Descripción: Summary:
The remote host is missing an update for the 'icu' package(s) announced via the MGASA-2013-0315 advisory.

Vulnerability Insight:
Updated icu packages fix security vulnerabilities:

It was discovered that ICU contained a race condition affecting multi-
threaded applications. If an application using ICU processed crafted data,
an attacker could cause it to crash or potentially execute arbitrary code
with the privileges of the user invoking the program (CVE-2013-0900).

It was discovered that ICU incorrectly handled memory operations. If an
application using ICU processed crafted data, an attacker could cause it to
crash or potentially execute arbitrary code with the privileges of the user
invoking the program (CVE-2013-2924).

Affected Software/OS:
'icu' package(s) on Mageia 2.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-0900
Debian Security Information: DSA-2786 (Google Search)
http://www.debian.org/security/2013/dsa-2786
http://jvn.jp/en/jp/JVN70739377/index.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16404
SuSE Security Announcement: openSUSE-SU-2013:0454 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-2924
BugTraq ID: 64758
http://www.securityfocus.com/bid/64758
Debian Security Information: DSA-2785 (Google Search)
http://www.debian.org/security/2013/dsa-2785
http://jvn.jp/en/jp/JVN85336306/index.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19017
SuSE Security Announcement: openSUSE-SU-2013:1556 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html
SuSE Security Announcement: openSUSE-SU-2013:1861 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
SuSE Security Announcement: openSUSE-SU-2014:0065 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2013.0315
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2013-0315)
Resumen:	The remote host is missing an update for the 'icu' package(s) announced via the MGASA-2013-0315 advisory.
Descripción:	Summary: The remote host is missing an update for the 'icu' package(s) announced via the MGASA-2013-0315 advisory. Vulnerability Insight: Updated icu packages fix security vulnerabilities: It was discovered that ICU contained a race condition affecting multi- threaded applications. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program (CVE-2013-0900). It was discovered that ICU incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program (CVE-2013-2924). Affected Software/OS: 'icu' package(s) on Mageia 2. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0900 Debian Security Information: DSA-2786 (Google Search) http://www.debian.org/security/2013/dsa-2786 http://jvn.jp/en/jp/JVN70739377/index.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16404 SuSE Security Announcement: openSUSE-SU-2013:0454 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html Common Vulnerability Exposure (CVE) ID: CVE-2013-2924 BugTraq ID: 64758 http://www.securityfocus.com/bid/64758 Debian Security Information: DSA-2785 (Google Search) http://www.debian.org/security/2013/dsa-2785 http://jvn.jp/en/jp/JVN85336306/index.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19017 SuSE Security Announcement: openSUSE-SU-2013:1556 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html SuSE Security Announcement: openSUSE-SU-2013:1861 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html SuSE Security Announcement: openSUSE-SU-2014:0065 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
Copyright	Copyright (C) 2022 Greenbone AG