Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2014-0009)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2014.0009

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2014-0009)

Resumen: The remote host is missing an update for the 'qt4' package(s) announced via the MGASA-2014-0009 advisory.

Descripción: Summary:
The remote host is missing an update for the 'qt4' package(s) announced via the MGASA-2014-0009 advisory.

Vulnerability Insight:
It was discovered that QXmlSimpleReader in Qt incorrectly handled XML
entity expansion. An attacker could use this flaw to cause Qt applications
to consume large amounts of resources, resulting in a denial of service
(CVE-2013-4549).

Affected Software/OS:
'qt4' package(s) on Mageia 3.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-4549
56008
http://secunia.com/advisories/56008
56166
http://secunia.com/advisories/56166
FEDORA-2014-5695
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html
USN-2057-1
http://www.ubuntu.com/usn/USN-2057-1
[qt-announce] 20131205 [Announce] Qt Project Security Advisory: XML Entity Expansion Denial of Service
http://lists.qt-project.org/pipermail/announce/2013-December/000036.html
http://blog.qt.digia.com/blog/2014/04/24/qt-4-8-6-released/
https://codereview.qt-project.org/#change%2C71010
https://codereview.qt-project.org/#change%2C71368
openSUSE-SU-2014:0067
http://lists.opensuse.org/opensuse-updates/2014-01/msg00044.html
openSUSE-SU-2014:0070
http://lists.opensuse.org/opensuse-updates/2014-01/msg00047.html
openSUSE-SU-2014:0125
http://lists.opensuse.org/opensuse-updates/2014-01/msg00085.html
openSUSE-SU-2014:0173
http://lists.opensuse.org/opensuse-updates/2014-01/msg00104.html
openSUSE-SU-2014:0176
http://lists.opensuse.org/opensuse-updates/2014-01/msg00106.html

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0009
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0009)
Resumen:	The remote host is missing an update for the 'qt4' package(s) announced via the MGASA-2014-0009 advisory.
Descripción:	Summary: The remote host is missing an update for the 'qt4' package(s) announced via the MGASA-2014-0009 advisory. Vulnerability Insight: It was discovered that QXmlSimpleReader in Qt incorrectly handled XML entity expansion. An attacker could use this flaw to cause Qt applications to consume large amounts of resources, resulting in a denial of service (CVE-2013-4549). Affected Software/OS: 'qt4' package(s) on Mageia 3. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4549 56008 http://secunia.com/advisories/56008 56166 http://secunia.com/advisories/56166 FEDORA-2014-5695 http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132395.html USN-2057-1 http://www.ubuntu.com/usn/USN-2057-1 [qt-announce] 20131205 [Announce] Qt Project Security Advisory: XML Entity Expansion Denial of Service http://lists.qt-project.org/pipermail/announce/2013-December/000036.html http://blog.qt.digia.com/blog/2014/04/24/qt-4-8-6-released/ https://codereview.qt-project.org/#change%2C71010 https://codereview.qt-project.org/#change%2C71368 openSUSE-SU-2014:0067 http://lists.opensuse.org/opensuse-updates/2014-01/msg00044.html openSUSE-SU-2014:0070 http://lists.opensuse.org/opensuse-updates/2014-01/msg00047.html openSUSE-SU-2014:0125 http://lists.opensuse.org/opensuse-updates/2014-01/msg00085.html openSUSE-SU-2014:0173 http://lists.opensuse.org/opensuse-updates/2014-01/msg00104.html openSUSE-SU-2014:0176 http://lists.opensuse.org/opensuse-updates/2014-01/msg00106.html
Copyright	Copyright (C) 2022 Greenbone AG