Test ID:	1.3.6.1.4.1.25623.1.0.56650
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: amaya
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: amaya CVE-2006-1900 Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to execute arbitrary code via a long value in (1) the COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of the TEXTAREA element, and (3) the COLOR attribute of the LEGEND element, and via other unspecified attack vectors consisting of 'dozens of possible snippets.' Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-1900 BugTraq ID: 17507 http://www.securityfocus.com/bid/17507 Bugtraq: 20060412 [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 (Google Search) http://www.securityfocus.com/archive/1/430877/100/0/threaded Bugtraq: 20060412 [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 #2 (Google Search) http://www.securityfocus.com/archive/1/430879/100/0/threaded http://morph3us.org/advisories/20060412-amaya-94-2.txt http://morph3us.org/advisories/20060412-amaya-94.txt http://www.osvdb.org/24623 http://www.osvdb.org/24624 http://secunia.com/advisories/19670 http://www.vupen.com/english/advisories/2006/1351 XForce ISS Database: amaya-various-attribute-bo(25791) https://exchange.xforce.ibmcloud.com/vulnerabilities/25791
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.