Test ID:	1.3.6.1.4.1.25623.1.0.64433
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200907-11 (gst-plugins-good gst-plugins-base gst-plugins-libpng)
Summary:	The remote host is missing updates announced in;advisory GLSA 200907-11.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200907-11. Vulnerability Insight: Multiple vulnerabilities in multiple GStreamer plug-ins might allow for the execution of arbitrary code. Solution: All gst-plugins-good users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/gst-plugins-good-0.10.14' All gst-plugins-base users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/gst-plugins-base-0.10.22' All gst-plugins-libpng users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-plugins/gst-plugins-libpng-0.10.14-r1' CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0386 BugTraq ID: 33405 http://www.securityfocus.com/bid/33405 Bugtraq: 20090122 [TKADV2009-003] GStreamer Heap Overflow and Array Index out of Bounds Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/500317/100/0/threaded http://security.gentoo.org/glsa/glsa-200907-11.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:035 http://trapkit.de/advisories/TKADV2009-003.txt http://www.openwall.com/lists/oss-security/2009/01/29/3 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10306 http://www.redhat.com/support/errata/RHSA-2009-0271.html http://secunia.com/advisories/33650 http://secunia.com/advisories/33815 http://secunia.com/advisories/34336 http://secunia.com/advisories/35777 SuSE Security Announcement: SUSE-SR:2009:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html http://www.ubuntu.com/usn/USN-736-1 http://www.vupen.com/english/advisories/2009/0225 Common Vulnerability Exposure (CVE) ID: CVE-2009-0387 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10611 Common Vulnerability Exposure (CVE) ID: CVE-2009-0397 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9942 http://www.redhat.com/support/errata/RHSA-2009-0270.html http://secunia.com/advisories/33830 XForce ISS Database: gstreamer-qtdemuxparse-bo(48555) https://exchange.xforce.ibmcloud.com/vulnerabilities/48555 Common Vulnerability Exposure (CVE) ID: CVE-2009-0586 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows http://www.securityfocus.com/archive/1/501712/100/0/threaded 34100 http://www.securityfocus.com/bid/34100 34335 http://secunia.com/advisories/34335 34350 http://secunia.com/advisories/34350 35777 GLSA-200907-11 MDVSA-2009:085 http://www.mandriva.com/security/advisories?name=MDVSA-2009:085 SUSE-SR:2009:009 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html USN-735-1 http://www.ubuntu.com/usn/USN-735-1 [oss-security] 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows http://openwall.com/lists/oss-security/2009/03/12/2 gstreamer-gstvorbistagaddcoverart-bo(49274) https://exchange.xforce.ibmcloud.com/vulnerabilities/49274 http://cgit.freedesktop.org/gstreamer/gst-plugins-base/commit/?id=566583e87147f774e7fc4c78b5f7e61d427e40a9 http://ocert.org/patches/2008-015/gst-plugins-base-CVE-2009-0586.diff http://www.ocert.org/advisories/ocert-2008-015.html oval:org.mitre.oval:def:9694 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9694 Common Vulnerability Exposure (CVE) ID: CVE-2009-1932 BugTraq ID: 35172 http://www.securityfocus.com/bid/35172 Debian Security Information: DSA-1839 (Google Search) http://www.debian.org/security/2009/dsa-1839 http://www.mandriva.com/security/advisories?name=MDVSA-2009:130 http://osvdb.org/54827 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10798 http://www.redhat.com/support/errata/RHSA-2009-1123.html http://secunia.com/advisories/35205 http://secunia.com/advisories/35583 http://secunia.com/advisories/35897 http://www.vupen.com/english/advisories/2009/1506
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.