Test ID:	1.3.6.1.4.1.25623.1.0.122472
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2009-1127)
Summary:	The remote host is missing an update for the 'kdelibs' package(s) announced via the ELSA-2009-1127 advisory.
Description:	Summary: The remote host is missing an update for the 'kdelibs' package(s) announced via the ELSA-2009-1127 advisory. Vulnerability Insight: [3.5.4-22.0.1.el5_3] - Remove Version branding - Maximum rpm trademark logos removed (pics/crystalsvg/*-mime-rpm*) in tarball [3.5.4-22] - Resolves: #505621, CVE-2009-1687, integer overflow in KJS JavaScript garbage collector CVE-2009-1698, KHTML CSS parser - incorrect handling CSS style attribute content (DoS, ACE) [3.5.4-21] - Resolves: #505621, CVE-2009-1687, integer overflow in KJS JavaScript garbage collector CVE-2009-1698, KHTML CSS parser - incorrect handling CSS style attribute content (DoS, ACE) [3.5.4-20] - Resolves: #505621, CVE-2009-1687, integer overflow in KJS JavaScript garbage collector CVE-2009-1698, KHTML CSS parser - incorrect handling CSS style attribute content (DoS, ACE) [3.5.4-19] - Resolves: #505621, CVE-2009-1690 Affected Software/OS: 'kdelibs' package(s) on Oracle Linux 4, Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1687 http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html BugTraq ID: 35260 http://www.securityfocus.com/bid/35260 BugTraq ID: 35309 http://www.securityfocus.com/bid/35309 Debian Security Information: DSA-1950 (Google Search) http://www.debian.org/security/2009/dsa-1950 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01200.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01177.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01199.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01196.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:330 http://osvdb.org/54985 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10260 http://securitytracker.com/id?1022345 http://secunia.com/advisories/35379 http://secunia.com/advisories/36057 http://secunia.com/advisories/36062 http://secunia.com/advisories/36790 http://secunia.com/advisories/37746 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.ubuntu.com/usn/USN-822-1 http://www.ubuntu.com/usn/USN-836-1 http://www.ubuntu.com/usn/USN-857-1 http://www.vupen.com/english/advisories/2009/1522 http://www.vupen.com/english/advisories/2009/1621 http://www.vupen.com/english/advisories/2011/0212 Common Vulnerability Exposure (CVE) ID: CVE-2009-1690 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=803 http://osvdb.org/54990 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11009 Common Vulnerability Exposure (CVE) ID: CVE-2009-1698 BugTraq ID: 35318 http://www.securityfocus.com/bid/35318 Bugtraq: 20090608 ZDI-09-032: Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/504173/100/0/threaded Bugtraq: 20090614 [TZO-37-2009] Apple Safari <v4 Remote code execution (Google Search) http://www.securityfocus.com/archive/1/504295/100/0/threaded http://blog.zoller.lu/2009/05/advisory-apple-safari-remote-code.html http://www.zerodayinitiative.com/advisories/ZDI-09-032/ http://osvdb.org/55006 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9484 http://www.redhat.com/support/errata/RHSA-2009-1128.html http://secunia.com/advisories/35588
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.