Test ID:	1.3.6.1.4.1.25623.1.0.56479
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-265-1 (libcairo)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to libcairo announced via advisory USN-265-1. A security issue affects the following Ubuntu releases: Ubuntu 5.10 (Breezy Badger) The following packages are affected: libcairo2 When rendering glyphs, the cairo graphics rendering library did not check the maximum length of character strings. A request to display an excessively long string with cairo caused a program crash due to an X library error. Mike Davis discovered that this could be turned into a Denial of Service attack in Evolution. An email with an attachment with very long lines caused Evolution to crash repeatedly until that email was manually removed from the mail folder. This only affects Ubuntu 5.10. Previous Ubuntu releases did not use libcairo for text rendering. Solution: The problem can be corrected by upgrading the affected package to version 1.0.2-0ubuntu1.1. In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-265-1 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	BugTraq ID: 16408 Common Vulnerability Exposure (CVE) ID: CVE-2006-0528 http://www.securityfocus.com/bid/16408 http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0925.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:057 http://secunia.com/advisories/19504 http://securityreason.com/securityalert/610 SuSE Security Announcement: SUSE-SR:2006:007 (Google Search) http://www.novell.com/linux/security/advisories/2006_07_sr.html https://usn.ubuntu.com/265-1/
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.