Test ID:	1.3.6.1.4.1.25623.1.0.59061
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-376-1 (imlib2)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to imlib2 announced via advisory USN-376-1. A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Details follow: M. Joonas Pihlaja discovered that imlib2 did not sufficiently verify the validity of ARGB, JPG, LBM, PNG, PNM, TGA, and TIFF images. If a user were tricked into viewing or processing a specially crafted image with an application that uses imlib2, the flaws could be exploited to execute arbitrary code with the user's privileges. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: libimlib2 1.2.0-2.2ubuntu2.1 Ubuntu 6.06 LTS: libimlib2 1.2.1-2ubuntu0.1 Ubuntu 6.10: libimlib2 1.2.1-2ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-376-1 Risk factor : High CVSS Score: 5.1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4806 20903 http://www.securityfocus.com/bid/20903 22732 http://secunia.com/advisories/22732 22744 http://secunia.com/advisories/22744 22752 http://secunia.com/advisories/22752 22932 http://secunia.com/advisories/22932 23441 http://secunia.com/advisories/23441 30105 http://www.osvdb.org/30105 30106 http://www.osvdb.org/30106 30107 http://www.osvdb.org/30107 30108 http://www.osvdb.org/30108 30109 http://www.osvdb.org/30109 ADV-2006-4349 http://www.vupen.com/english/advisories/2006/4349 GLSA-200612-20 http://security.gentoo.org/glsa/glsa-200612-20.xml MDKSA-2006:198 http://www.mandriva.com/security/advisories?name=MDKSA-2006:198 MDKSA-2007:156 http://www.mandriva.com/security/advisories?name=MDKSA-2007:156 SUSE-SR:2006:026 http://www.novell.com/linux/security/advisories/2006_26_sr.html USN-376-1 http://www.ubuntu.com/usn/usn-376-1 USN-376-2 http://www.ubuntu.com/usn/usn-376-2 http://www.discontinuity.info/~rowan/pocs/libimlib2_pocs-1.2.0-2.2.tar.gz imlib2-load-overflow(30064) https://exchange.xforce.ibmcloud.com/vulnerabilities/30064 Common Vulnerability Exposure (CVE) ID: CVE-2006-4807 30102 http://www.osvdb.org/30102 imlib2-loadertgac-dos(30066) https://exchange.xforce.ibmcloud.com/vulnerabilities/30066 Common Vulnerability Exposure (CVE) ID: CVE-2006-4808 30103 http://www.osvdb.org/30103 imlib2-loadertgac-bo(30068) https://exchange.xforce.ibmcloud.com/vulnerabilities/30068 Common Vulnerability Exposure (CVE) ID: CVE-2006-4809 30104 http://www.osvdb.org/30104 imlib2-loaderpnmc-bo(30070) https://exchange.xforce.ibmcloud.com/vulnerabilities/30070
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.