Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.59677
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2007-50 (libvorbis)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to libvorbis
announced via advisory TLSA-2007-50.

Libvorbis is a library for handling Ogg Vorbis, a fully open,
non-proprietary, patent-and-royalty-free, general-purpose compressed
audio format for audio and music at fixed and variable bitrates from
16 to 128 kbps/channel.

Remote attackers to execute arbitrary code.

These vulnerabilities may allow remote attackers to execute arbitrary code.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2007-50

Risk factor : High

CVSS Score:
6.8

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-3106
BugTraq ID: 25082
http://www.securityfocus.com/bid/25082
Bugtraq: 20070726 libvorbis 1.1.2 - Multiple memory corruption flaws (Google Search)
http://www.securityfocus.com/archive/1/474729/100/0/threaded
Debian Security Information: DSA-1471 (Google Search)
http://www.debian.org/security/2008/dsa-1471
http://security.gentoo.org/glsa/glsa-200710-03.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:167-1
http://www.isecpartners.com/advisories/2007-003-libvorbis.txt
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11449
http://www.redhat.com/support/errata/RHSA-2007-0845.html
http://www.redhat.com/support/errata/RHSA-2007-0912.html
http://secunia.com/advisories/24923
http://secunia.com/advisories/26087
http://secunia.com/advisories/26232
http://secunia.com/advisories/26299
http://secunia.com/advisories/26429
http://secunia.com/advisories/26535
http://secunia.com/advisories/26865
http://secunia.com/advisories/27099
http://secunia.com/advisories/28614
http://www.ubuntu.com/usn/usn-498-1
http://www.vupen.com/english/advisories/2007/2698
http://www.vupen.com/english/advisories/2007/2760
XForce ISS Database: libvorbis-inverse-code-execution(35622)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35622
Common Vulnerability Exposure (CVE) ID: CVE-2007-4029
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10570
http://securitytracker.com/id?1018712
http://secunia.com/advisories/27439
SuSE Security Announcement: SUSE-SR:2007:023 (Google Search)
http://www.novell.com/linux/security/advisories/2007_23_sr.html
XForce ISS Database: libvorbis-blocksize-code-execution(35624)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35624
XForce ISS Database: libvorbis-infoclear-code-execution(35623)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35623
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.