English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 61204 CVE descriptions
and 32582 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.64318
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-789-1 (gst-plugins-good0.10)
Summary:Ubuntu USN-789-1 (gst-plugins-good0.10)
Description:The remote host is missing an update to gst-plugins-good0.10
announced via advisory USN-789-1.

Details follow:

Tielei Wang discovered that GStreamer Good Plugins did not correctly handle
malformed PNG image files. If a user were tricked into opening a crafted
PNG image file with a GStreamer application, an attacker could cause a
denial of service via application crash, or possibly execute arbitrary code
with the privileges of the user invoking the program.

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
gstreamer0.10-plugins-good 0.10.3-0ubuntu4.2

Ubuntu 8.04 LTS:
gstreamer0.10-plugins-good 0.10.7-3ubuntu0.3

Ubuntu 8.10:
gstreamer0.10-plugins-good 0.10.10.4-1ubuntu1.2

Ubuntu 9.04:
gstreamer0.10-plugins-good 0.10.14-1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-789-1
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-1932
Debian Security Information: DSA-1839 (Google Search)
http://www.debian.org/security/2009/dsa-1839
http://security.gentoo.org/glsa/glsa-200907-11.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:130
http://www.redhat.com/support/errata/RHSA-2009-1123.html
BugTraq ID: 35172
http://www.securityfocus.com/bid/35172
http://osvdb.org/54827
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10798
http://secunia.com/advisories/35205
http://secunia.com/advisories/35583
http://secunia.com/advisories/35777
http://secunia.com/advisories/35897
http://www.vupen.com/english/advisories/2009/1506
Common Vulnerability Exposure (CVE) ID: CVE-2008-5515
Bugtraq: 20090608 [SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504170/100/0/threaded
Bugtraq: 20090610 [SECURITY] UPDATED CVE-2008-5515 RequestDispatcher directory traversal vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504202/100/0/threaded
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search)
http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
Debian Security Information: DSA-2207 (Google Search)
http://www.debian.org/security/2011/dsa-2207
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01216.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01246.html
https://www.redhat.com/archives/fedora-package-announce/2009-November/msg01156.html
HPdes Security Advisory: HPSBUX02579
http://marc.info/?l=bugtraq&m=129070310906557&w=2
HPdes Security Advisory: SSRT100203
http://www.mandriva.com/security/advisories?name=MDVSA-2009:136
http://www.mandriva.com/security/advisories?name=MDVSA-2009:138
http://www.mandriva.com/security/advisories?name=MDVSA-2010:176
http://sunsolve.sun.com/search/document.do?assetkey=1-26-263529-1
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
SuSE Security Announcement: SUSE-SR:2010:008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html
http://jvn.jp/en/jp/JVN63832775/index.html
BugTraq ID: 35263
http://www.securityfocus.com/bid/35263
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10422
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6445
http://secunia.com/advisories/35393
http://secunia.com/advisories/35685
http://secunia.com/advisories/35788
http://secunia.com/advisories/37460
http://secunia.com/advisories/39317
http://secunia.com/advisories/42368
http://secunia.com/advisories/44183
http://www.vupen.com/english/advisories/2009/1520
http://www.vupen.com/english/advisories/2009/1535
http://www.vupen.com/english/advisories/2009/1856
http://www.vupen.com/english/advisories/2009/3316
http://www.vupen.com/english/advisories/2010/3056
Common Vulnerability Exposure (CVE) ID: CVE-2009-0033
Bugtraq: 20090603 [SECURITY] CVE-2009-0033 Apache Tomcat DoS when using Java AJP connector (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504044/100/0/threaded
http://jvn.jp/en/jp/JVN87272440/index.html
BugTraq ID: 35193
http://www.securityfocus.com/bid/35193
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10231
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5739
http://securitytracker.com/id?1022331
http://secunia.com/advisories/35326
http://secunia.com/advisories/35344
http://www.vupen.com/english/advisories/2009/1496
XForce ISS Database: tomcat-ajp-dos(50928)
http://xforce.iss.net/xforce/xfdb/50928
Common Vulnerability Exposure (CVE) ID: CVE-2009-0580
Bugtraq: 20090603 [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504045/100/0/threaded
Bugtraq: 20090604 Re: [SECURITY] CVE-2009-0580 Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504108/100/0/threaded
Bugtraq: 20090605 [SECURITY] CVE-2009-0580 UPDATED Apache Tomcat User enumeration vulnerability with FORM authentication (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504125/100/0/threaded
BugTraq ID: 35196
http://www.securityfocus.com/bid/35196
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6628
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9101
http://securitytracker.com/id?1022332
XForce ISS Database: tomcat-jsecuritycheck-info-disclosure(50930)
http://xforce.iss.net/xforce/xfdb/50930
Common Vulnerability Exposure (CVE) ID: CVE-2009-0781
Bugtraq: 20090306 [SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application (Google Search)
http://www.securityfocus.com/archive/1/archive/1/501538/100/0/threaded
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11041
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6564
XForce ISS Database: tomcat-cal2-xss(49213)
http://xforce.iss.net/xforce/xfdb/49213
Common Vulnerability Exposure (CVE) ID: CVE-2009-0783
Bugtraq: 20090604 [SECURITY] CVE-2009-0783 Apache Tomcat Information disclosure (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504090/100/0/threaded
BugTraq ID: 35416
http://www.securityfocus.com/bid/35416
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10716
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6450
http://www.securitytracker.com/id?1022336
XForce ISS Database: tomcat-xml-information-disclosure(51195)
http://xforce.iss.net/xforce/xfdb/51195
Common Vulnerability Exposure (CVE) ID: CVE-2009-1440
http://www.openwall.com/lists/oss-security/2009/04/22/1
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=525078
Debian Security Information: DSA-1821 (Google Search)
http://www.debian.org/security/2009/dsa-1821
BugTraq ID: 34683
http://www.securityfocus.com/bid/34683
http://secunia.com/advisories/34839
XForce ISS Database: amule-downloadlistctrl-command-execution(50205)
http://xforce.iss.net/xforce/xfdb/50205
Common Vulnerability Exposure (CVE) ID: CVE-2009-1201
Bugtraq: 20090624 Trustwave's SpiderLabs Security Advisory TWSL2009-002 (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504516/100/0/threaded
https://www.trustwave.com/spiderlabs/advisories/TWSL2009-002.txt
BugTraq ID: 35476
http://www.securityfocus.com/bid/35476
http://www.securitytracker.com/id?1022457
http://secunia.com/advisories/35511
http://www.vupen.com/english/advisories/2009/1713
Common Vulnerability Exposure (CVE) ID: CVE-2009-1202
BugTraq ID: 35480
http://www.securityfocus.com/bid/35480
Common Vulnerability Exposure (CVE) ID: CVE-2009-1203
BugTraq ID: 35475
http://www.securityfocus.com/bid/35475
Common Vulnerability Exposure (CVE) ID: CVE-2009-1760
Bugtraq: 20090608 Rasterbar libtorrent arbitrary file overwrite vulnerability (Google Search)
http://www.securityfocus.com/archive/1/archive/1/504151/100/0/threaded
http://census-labs.com/news/2009/06/08/libtorrent-rasterbar/
Debian Security Information: DSA-1815 (Google Search)
http://www.debian.org/security/2009/dsa-1815
http://security.gentoo.org/glsa/glsa-200907-14.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:139
BugTraq ID: 35262
http://www.securityfocus.com/bid/35262
http://secunia.com/advisories/35277
http://secunia.com/advisories/35848
http://www.vupen.com/english/advisories/2009/1534
XForce ISS Database: libtorrent-path-element-dir-traversal(51008)
http://xforce.iss.net/xforce/xfdb/51008
Common Vulnerability Exposure (CVE) ID: CVE-2009-1163
Cisco Security Advisory: 20090624 Cisco Physical Access Gateway Denial of Service Vulnerability
http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8b.shtml
BugTraq ID: 35477
http://www.securityfocus.com/bid/35477
http://www.securitytracker.com/id?1022444
Common Vulnerability Exposure (CVE) ID: CVE-2009-2045
Cisco Security Advisory: 20090624 Vulnerabilities in Cisco Video Surveillance Products
http://www.cisco.com/en/US/products/products_security_advisory09186a0080ad0f8f.shtml
http://www.securitytracker.com/id?1022446
Common Vulnerability Exposure (CVE) ID: CVE-2009-2046
BugTraq ID: 35478
http://www.securityfocus.com/bid/35478
http://www.securitytracker.com/id?1022445
Common Vulnerability Exposure (CVE) ID: CVE-2009-0688
Debian Security Information: DSA-1807 (Google Search)
http://www.debian.org/security/2009/dsa-1807
http://security.gentoo.org/glsa/glsa-200907-09.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:113
http://www.redhat.com/support/errata/RHSA-2009-1116.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.448834
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1
SuSE Security Announcement: SUSE-SR:2009:011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
http://www.ubuntu.com/usn/usn-790-1
Cert/CC Advisory: TA10-103B
http://www.us-cert.gov/cas/techalerts/TA10-103B.html
CERT/CC vulnerability note: VU#238019
http://www.kb.cert.org/vuls/id/238019
BugTraq ID: 34961
http://www.securityfocus.com/bid/34961
http://osvdb.org/54514
http://osvdb.org/54515
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10687
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6136
http://www.securitytracker.com/id?1022231
http://secunia.com/advisories/35094
http://secunia.com/advisories/35097
http://secunia.com/advisories/35102
http://secunia.com/advisories/35206
http://secunia.com/advisories/35239
http://secunia.com/advisories/35321
http://secunia.com/advisories/35416
http://secunia.com/advisories/35497
http://secunia.com/advisories/35746
http://secunia.com/advisories/39428
http://www.vupen.com/english/advisories/2009/1313
http://www.vupen.com/english/advisories/2009/2012
XForce ISS Database: solaris-sasl-saslencode64-bo(50554)
http://xforce.iss.net/xforce/xfdb/50554
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.