Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.66211
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 1931-1 (nspr)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to nspr
announced via advisory DSA 1931-1.

Several vulnerabilities have been discovered in the NetScape Portable
Runtime Library, which may lead to the execution of arbitrary code. The
Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2009-1563

A programming error in the string handling code may lead to the
execution of arbitrary code.

CVE-2009-2463

An integer overflow in the Base64 decoding functions may lead to
the execution of arbitrary code.

The old stable distribution (etch) doesn't contain nspr.

For the stable distribution (lenny), these problems have been fixed in
version 4.7.1-5.

For the unstable distribution (sid) these problems have been fixed in
version 4.8.2-1.

We recommend that you upgrade your NSPR packages.

Solution:
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201931-1

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-2463
BugTraq ID: 35758
http://www.securityfocus.com/bid/35758
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10369
RedHat Security Advisories: RHSA-2009:1162
http://rhn.redhat.com/errata/RHSA-2009-1162.html
RedHat Security Advisories: RHSA-2009:1163
http://rhn.redhat.com/errata/RHSA-2009-1163.html
http://www.redhat.com/support/errata/RHSA-2010-0153.html
http://www.redhat.com/support/errata/RHSA-2010-0154.html
http://secunia.com/advisories/35914
http://secunia.com/advisories/35943
http://secunia.com/advisories/35944
http://secunia.com/advisories/35947
http://secunia.com/advisories/36005
http://secunia.com/advisories/36145
http://secunia.com/advisories/38977
http://secunia.com/advisories/39001
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1
SuSE Security Announcement: SUSE-SA:2009:039 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html
SuSE Security Announcement: SUSE-SA:2009:042 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html
SuSE Security Announcement: SUSE-SR:2010:013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
http://www.ubuntu.com/usn/USN-915-1
http://www.vupen.com/english/advisories/2009/1972
http://www.vupen.com/english/advisories/2009/2152
http://www.vupen.com/english/advisories/2010/0648
http://www.vupen.com/english/advisories/2010/0650
Common Vulnerability Exposure (CVE) ID: CVE-2009-0689
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html
BugTraq ID: 35510
http://www.securityfocus.com/bid/35510
Bugtraq: 20091120 K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution) (Google Search)
http://www.securityfocus.com/archive/1/507977/100/0/threaded
Bugtraq: 20091120 SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution) (Google Search)
http://www.securityfocus.com/archive/1/507979/100/0/threaded
Bugtraq: 20091210 Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) (Google Search)
http://www.securityfocus.com/archive/1/508423/100/0/threaded
Bugtraq: 20091210 Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) (Google Search)
http://www.securityfocus.com/archive/1/508417/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2009:294
http://www.mandriva.com/security/advisories?name=MDVSA-2009:330
http://secunia.com/secunia_research/2009-35/
https://lists.debian.org/debian-lts-announce/2018/11/msg00001.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6528
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9541
http://www.redhat.com/support/errata/RHSA-2009-1601.html
RedHat Security Advisories: RHSA-2014:0311
http://rhn.redhat.com/errata/RHSA-2014-0311.html
RedHat Security Advisories: RHSA-2014:0312
http://rhn.redhat.com/errata/RHSA-2014-0312.html
http://securitytracker.com/id?1022478
http://secunia.com/advisories/37431
http://secunia.com/advisories/37682
http://secunia.com/advisories/37683
http://secunia.com/advisories/38066
http://securityreason.com/achievement_securityalert/63
http://securityreason.com/achievement_securityalert/69
http://securityreason.com/achievement_securityalert/72
http://securityreason.com/achievement_securityalert/73
http://securityreason.com/achievement_securityalert/71
http://securityreason.com/achievement_securityalert/76
http://securityreason.com/achievement_securityalert/75
http://securityreason.com/achievement_securityalert/77
http://securityreason.com/achievement_securityalert/78
http://securityreason.com/achievement_securityalert/81
http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
SuSE Security Announcement: SUSE-SR:2009:018 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html
http://www.vupen.com/english/advisories/2009/3297
http://www.vupen.com/english/advisories/2009/3299
http://www.vupen.com/english/advisories/2009/3334
http://www.vupen.com/english/advisories/2010/0094
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.