Description: | Description: The remote host is missing an update to printer-drivers announced via advisory MDVSA-2009:096-1.
A buffer underflow in Ghostscript's CCITTFax decoding filter allows remote attackers to cause denial of service and possibly to execute arbitrary by using a crafted PDF file (CVE-2007-6725).
Multiple interger overflows in Ghostsript's International Color Consortium Format Library (icclib) allows attackers to cause denial of service (heap-based buffer overflow and application crash) and possibly execute arbirary code by using either a PostScript or PDF file with crafte embedded images (CVE-2009-0583, CVE-2009-0584).
Multiple interger overflows in Ghostsript's International Color Consortium Format Library (icclib) allows attackers to cause denial of service (heap-based buffer overflow and application crash) and possibly execute arbirary code by using either a PostScript or PDF file with crafte embedded images. Note: this issue exists because of an incomplete fix for CVE-2009-0583 (CVE-2009-0792).
This update provides fixes for that vulnerabilities.
Update:
The previous update went with a wrong require version of perl-base in the foomatic-db-engine package. It is fixed on this update.
Affected: Corporate 3.0
Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:096-1
CVSS Score: 9.3
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
|