Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.68025
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2010:0720
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2010:0720.

MikMod is a MOD music file player for Linux, UNIX, and similar operating
systems. It supports various file formats including MOD, STM, S3M, MTM, XM,
ULT, and IT.

Multiple input validation flaws, resulting in buffer overflows, were
discovered in MikMod. Specially-crafted music files in various formats
could, when played, cause an application using the MikMod library to crash
or, potentially, execute arbitrary code. (CVE-2009-3995, CVE-2009-3996,
CVE-2007-6720)

All MikMod users should upgrade to these updated packages, which contain
backported patches to correct these issues. All running applications using
the MikMod library must be restarted for this update to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2010-0720.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : Critical

CVSS Score:
9.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-6720
BugTraq ID: 33235
http://www.securityfocus.com/bid/33235
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01305.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01312.html
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461519
http://openwall.com/lists/oss-security/2009/01/13/2
http://secunia.com/advisories/34259
SuSE Security Announcement: SUSE-SR:2009:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html
Common Vulnerability Exposure (CVE) ID: CVE-2009-3995
BugTraq ID: 37374
http://www.securityfocus.com/bid/37374
Bugtraq: 20091217 Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows (Google Search)
http://www.securityfocus.com/archive/1/508527/100/0/threaded
Bugtraq: 20091217 Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow (Google Search)
http://www.securityfocus.com/archive/1/508526/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2010:151
http://secunia.com/secunia_research/2009-52/
http://secunia.com/secunia_research/2009-53/
http://secunia.com/secunia_research/2009-55/
http://secunia.com/advisories/37495
http://secunia.com/advisories/40799
SuSE Security Announcement: SUSE-SR:2010:011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
http://www.vupen.com/english/advisories/2009/3575
http://www.vupen.com/english/advisories/2010/1107
http://www.vupen.com/english/advisories/2010/1957
Common Vulnerability Exposure (CVE) ID: CVE-2009-3996
Bugtraq: 20091217 Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow (Google Search)
http://www.securityfocus.com/archive/1/508528/100/0/threaded
http://secunia.com/secunia_research/2009-56/
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.