Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.63612
Category:Gentoo Local Security Checks
Title:Gentoo Security Advisory GLSA 200903-28 (libpng)
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory GLSA 200903-28.

Multiple vulnerabilities were found in libpng, which might result in the
execution of arbitrary code

Solution:
All libpng users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/libpng-1.2.35'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200903-28
http://bugs.gentoo.org/show_bug.cgi?id=244808
http://bugs.gentoo.org/show_bug.cgi?id=255231
http://bugs.gentoo.org/show_bug.cgi?id=259578

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-5907
Debian Security Information: DSA-1750 (Google Search)
http://www.debian.org/security/2009/dsa-1750
http://security.gentoo.org/glsa/glsa-200903-28.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:051
http://openwall.com/lists/oss-security/2009/01/09/1
http://sourceforge.net/mailarchive/forum.php?thread_name=4B6F0239C13D0245820603C036D180BC79FBAA%40CABOTUKEXCH01.cabot.local&forum_name=png-mng-implement
http://secunia.com/advisories/34320
http://secunia.com/advisories/34388
SuSE Security Announcement: SUSE-SR:2009:003 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html
XForce ISS Database: libpng-pngcheckkeyword-memory-corruption(48128)
https://exchange.xforce.ibmcloud.com/vulnerabilities/48128
Common Vulnerability Exposure (CVE) ID: CVE-2008-6218
BugTraq ID: 31920
http://www.securityfocus.com/bid/31920
Bugtraq: 20090312 rPSA-2009-0046-1 libpng (Google Search)
http://www.securityfocus.com/archive/1/501767/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2010:133
http://www.securitytracker.com/id?1021104
http://secunia.com/advisories/32418
http://secunia.com/advisories/34265
http://www.vupen.com/english/advisories/2008/2917
http://www.vupen.com/english/advisories/2010/1837
XForce ISS Database: libpng-pnghandletext-dos(46115)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46115
Common Vulnerability Exposure (CVE) ID: CVE-2009-0040
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html
BugTraq ID: 33827
http://www.securityfocus.com/bid/33827
BugTraq ID: 33990
http://www.securityfocus.com/bid/33990
Bugtraq: 20090529 VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues (Google Search)
http://www.securityfocus.com/archive/1/503912/100/0/threaded
Bugtraq: 20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server (Google Search)
http://www.securityfocus.com/archive/1/505990/100/0/threaded
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
Cert/CC Advisory: TA09-218A
http://www.us-cert.gov/cas/techalerts/TA09-218A.html
CERT/CC vulnerability note: VU#649212
http://www.kb.cert.org/vuls/id/649212
Debian Security Information: DSA-1830 (Google Search)
http://www.debian.org/security/2009/dsa-1830
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00412.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00272.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:075
http://www.mandriva.com/security/advisories?name=MDVSA-2009:083
http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0902181726i200f4bf0n20d919473ec409b7%40mail.gmail.com
http://lists.vmware.com/pipermail/security-announce/2009/000062.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10316
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6458
http://www.redhat.com/support/errata/RHSA-2009-0315.html
http://www.redhat.com/support/errata/RHSA-2009-0325.html
http://www.redhat.com/support/errata/RHSA-2009-0333.html
http://www.redhat.com/support/errata/RHSA-2009-0340.html
http://secunia.com/advisories/33970
http://secunia.com/advisories/33976
http://secunia.com/advisories/34137
http://secunia.com/advisories/34140
http://secunia.com/advisories/34143
http://secunia.com/advisories/34145
http://secunia.com/advisories/34152
http://secunia.com/advisories/34210
http://secunia.com/advisories/34272
http://secunia.com/advisories/34324
http://secunia.com/advisories/34462
http://secunia.com/advisories/34464
http://secunia.com/advisories/35074
http://secunia.com/advisories/35258
http://secunia.com/advisories/35302
http://secunia.com/advisories/35379
http://secunia.com/advisories/35386
http://secunia.com/advisories/36096
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
SuSE Security Announcement: SUSE-SA:2009:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html
SuSE Security Announcement: SUSE-SA:2009:023 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html
SuSE Security Announcement: SUSE-SR:2009:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html
http://www.vupen.com/english/advisories/2009/0469
http://www.vupen.com/english/advisories/2009/0473
http://www.vupen.com/english/advisories/2009/0632
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2009/1451
http://www.vupen.com/english/advisories/2009/1462
http://www.vupen.com/english/advisories/2009/1522
http://www.vupen.com/english/advisories/2009/1560
http://www.vupen.com/english/advisories/2009/1621
http://www.vupen.com/english/advisories/2009/2172
XForce ISS Database: libpng-pointer-arrays-code-execution(48819)
https://exchange.xforce.ibmcloud.com/vulnerabilities/48819
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.