Test ID:	1.3.6.1.4.1.25623.1.0.58320
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1268-1)
Summary:	The remote host is missing an update for the Debian 'libwpd' package(s) announced via the DSA-1268-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'libwpd' package(s) announced via the DSA-1268-1 advisory. Vulnerability Insight: iDefense reported several integer overflow bugs in libwpd, a library for handling WordPerfect documents. Attackers were able to exploit these with carefully crafted Word Perfect files that could cause an application linked with libwpd to crash or possibly execute arbitrary code. For the stable distribution (sarge) these problems have been fixed in version 0.8.1-1sarge1. For the testing distribution (etch) these problems have been fixed in version 0.8.7-6. For the unstable distribution (sid) these problems have been fixed in version 0.8.7-6. We recommend that you upgrade your libwpd package. Affected Software/OS: 'libwpd' package(s) on Debian 3.1, Debian 4. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0002 BugTraq ID: 23006 http://www.securityfocus.com/bid/23006 Bugtraq: 20070316 rPSA-2007-0057-1 libwpd (Google Search) http://www.securityfocus.com/archive/1/463033/100/0/threaded Debian Security Information: DSA-1268 (Google Search) http://www.debian.org/security/2007/dsa-1268 Debian Security Information: DSA-1270 (Google Search) http://www.debian.org/security/2007/dsa-1270 http://fedoranews.org/cms/node/2805 http://security.gentoo.org/glsa/glsa-200704-07.xml http://www.gentoo.org/security/en/glsa/glsa-200704-12.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=490 http://www.mandriva.com/security/advisories?name=MDKSA-2007:063 http://www.mandriva.com/security/advisories?name=MDKSA-2007:064 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11535 http://www.redhat.com/support/errata/RHSA-2007-0055.html http://www.securitytracker.com/id?1017789 http://secunia.com/advisories/24465 http://secunia.com/advisories/24507 http://secunia.com/advisories/24557 http://secunia.com/advisories/24572 http://secunia.com/advisories/24573 http://secunia.com/advisories/24580 http://secunia.com/advisories/24581 http://secunia.com/advisories/24588 http://secunia.com/advisories/24591 http://secunia.com/advisories/24593 http://secunia.com/advisories/24613 http://secunia.com/advisories/24794 http://secunia.com/advisories/24856 http://secunia.com/advisories/24906 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.399659 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102863-1 SuSE Security Announcement: SUSE-SA:2007:023 (Google Search) http://lists.suse.com/archive/suse-security-announce/2007-Mar/0007.html http://www.ubuntu.com/usn/usn-437-1 http://www.vupen.com/english/advisories/2007/0976 http://www.vupen.com/english/advisories/2007/1032 http://www.vupen.com/english/advisories/2007/1339
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.