| |||||||||||||
| Test ID: | 1.3.6.1.4.1.25623.1.0.70809 |
| Category: | Gentoo Local Security Checks |
| Title: | Gentoo Security Advisory GLSA 201201-08 (FontForge) |
| Summary: | Gentoo Security Advisory GLSA 201201-08 (FontForge) |
| Description: | Description: The remote host is missing updates announced in advisory GLSA 201201-08. A stack-based buffer overflow flaw in FontForge could result in execution of arbitrary code or a Denial of Service. Solution: All FontForge users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-gfx/fontforge-20110222-r1' NOTE: This is a legacy GLSA. Updates for all affected architectures are available since October 12, 2011. It is likely that your system is already no longer affected by this issue. http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201201-08 http://bugs.gentoo.org/show_bug.cgi?id=386293 CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-4259 http://www.exploit-db.com/exploits/15732 http://openwall.com/lists/oss-security/2010/12/02/5 http://openwall.com/lists/oss-security/2010/12/02/8 Debian Security Information: DSA-2253 (Google Search) http://www.debian.org/security/2011/dsa-2253 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052201.html http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052219.html BugTraq ID: 45162 http://www.securityfocus.com/bid/45162 http://secunia.com/advisories/42577 http://www.vupen.com/english/advisories/2010/3200 |
| Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
| This is only one of 56160 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |
|
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois
© 1998-2017 E-Soft Inc. All rights reserved.