Test ID:	1.3.6.1.4.1.25623.1.0.59927
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-550-1 (libcairo)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to libcairo announced via advisory USN-550-1. A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with user privileges. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libcairo2 1.0.4-0ubuntu1.1 Ubuntu 6.10: libcairo2 1.2.4-1ubuntu2.1 Ubuntu 7.04: libcairo2 1.4.2-0ubuntu1.1 Ubuntu 7.10: libcairo2 1.4.10-1ubuntu4.1 After a standard system upgrade you need to restart your session to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-550-1 Risk factor : High CVSS Score: 6.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5503 1019027 http://www.securitytracker.com/id?1019027 20080115 rPSA-2008-0015-1 cairo http://www.securityfocus.com/archive/1/486405/100/0/threaded 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html http://www.securityfocus.com/archive/1/495869/100/0/threaded 26650 http://www.securityfocus.com/bid/26650 27775 http://secunia.com/advisories/27775 27819 http://secunia.com/advisories/27819 27880 http://secunia.com/advisories/27880 27887 http://secunia.com/advisories/27887 27985 http://secunia.com/advisories/27985 28289 http://secunia.com/advisories/28289 28476 http://secunia.com/advisories/28476 28529 http://secunia.com/advisories/28529 28555 http://secunia.com/advisories/28555 28838 http://secunia.com/advisories/28838 29767 http://secunia.com/advisories/29767 31707 http://secunia.com/advisories/31707 31711 http://secunia.com/advisories/31711 ADV-2007-4045 http://www.vupen.com/english/advisories/2007/4045 ADV-2008-2466 http://www.vupen.com/english/advisories/2008/2466 DSA-1542 http://www.debian.org/security/2008/dsa-1542 FEDORA-2007-3818 https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00630.html GLSA-200712-04 http://security.gentoo.org/glsa/glsa-200712-04.xml GLSA-200712-24 http://www.gentoo.org/security/en/glsa/glsa-200712-24.xml GLSA-201209-25 http://security.gentoo.org/glsa/glsa-201209-25.xml MDVSA-2008:019 http://www.mandriva.com/security/advisories?name=MDVSA-2008:019 RHSA-2007:1078 http://rhn.redhat.com/errata/RHSA-2007-1078.html SSA:2007-337-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.362119 SUSE-SR:2008:003 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html USN-550-1 https://usn.ubuntu.com/550-1/ USN-550-2 https://usn.ubuntu.com/550-2/ cario-readpng-bo(38771) https://exchange.xforce.ibmcloud.com/vulnerabilities/38771 http://bugs.gentoo.org/show_bug.cgi?id=200350 http://bugs.gentoo.org/show_bug.cgi?id=201860 http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff%3Bh=5c7d2d14d78e4dfb1ef6d2c40f0910f177e07360 http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff%3Bh=e49bcde27f88e21d5b8037a0089a226096f6514b http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff_plain%3Bh=6020f67f1a49cfe3844c4938d4af24c63c8424cc%3Bhp=c79fc9af334fd6f2d1078071d64178125561b187 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0015 http://www.vmware.com/security/advisories/VMSA-2008-0014.html http://www.vmware.com/support/player2/doc/releasenotes_player2.html http://www.vmware.com/support/server/doc/releasenotes_server.html http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html https://bugzilla.redhat.com/show_bug.cgi?id=387431 https://issues.rpath.com/browse/RPL-1966 oval:org.mitre.oval:def:11251 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11251
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.