CentOS Local Security Checks : CentOS Update for gstreamer-plugins-good CESA-2009:1123 centos5 i386

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.880798

Kategorie: CentOS Local Security Checks

Titel: CentOS Update for gstreamer-plugins-good CESA-2009:1123 centos5 i386

Zusammenfassung: The remote host is missing an update for the 'gstreamer-plugins-good'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'gstreamer-plugins-good'
package(s) announced via the referenced advisory.

Vulnerability Insight:
GStreamer is a streaming media framework, based on graphs of filters which
operate on media data. GStreamer Good Plug-ins is a collection of
well-supported, good quality GStreamer plug-ins.

Multiple integer overflow flaws, that could lead to a buffer overflow, were
found in the GStreamer Good Plug-ins PNG decoding handler. An attacker
could create a specially-crafted PNG file that would cause an application
using the GStreamer Good Plug-ins library to crash or, potentially, execute
arbitrary code as the user running the application when parsed.
(CVE-2009-1932)

All users of gstreamer-plugins-good are advised to upgrade to these updated
packages, which contain a backported patch to correct these issues. After
installing the update, all applications using GStreamer Good Plug-ins (such
as some media playing applications) must be restarted for the changes to
take effect.

Affected Software/OS:
gstreamer-plugins-good on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-1932
BugTraq ID: 35172
http://www.securityfocus.com/bid/35172
Debian Security Information: DSA-1839 (Google Search)
http://www.debian.org/security/2009/dsa-1839
http://security.gentoo.org/glsa/glsa-200907-11.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:130
http://osvdb.org/54827
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10798
http://www.redhat.com/support/errata/RHSA-2009-1123.html
http://secunia.com/advisories/35205
http://secunia.com/advisories/35583
http://secunia.com/advisories/35777
http://secunia.com/advisories/35897
http://www.vupen.com/english/advisories/2009/1506

Copyright Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.880798
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for gstreamer-plugins-good CESA-2009:1123 centos5 i386
Zusammenfassung:	The remote host is missing an update for the 'gstreamer-plugins-good'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'gstreamer-plugins-good' package(s) announced via the referenced advisory. Vulnerability Insight: GStreamer is a streaming media framework, based on graphs of filters which operate on media data. GStreamer Good Plug-ins is a collection of well-supported, good quality GStreamer plug-ins. Multiple integer overflow flaws, that could lead to a buffer overflow, were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially-crafted PNG file that would cause an application using the GStreamer Good Plug-ins library to crash or, potentially, execute arbitrary code as the user running the application when parsed. (CVE-2009-1932) All users of gstreamer-plugins-good are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the update, all applications using GStreamer Good Plug-ins (such as some media playing applications) must be restarted for the changes to take effect. Affected Software/OS: gstreamer-plugins-good on CentOS 5 Solution: Please install the updated packages. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1932 BugTraq ID: 35172 http://www.securityfocus.com/bid/35172 Debian Security Information: DSA-1839 (Google Search) http://www.debian.org/security/2009/dsa-1839 http://security.gentoo.org/glsa/glsa-200907-11.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:130 http://osvdb.org/54827 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10798 http://www.redhat.com/support/errata/RHSA-2009-1123.html http://secunia.com/advisories/35205 http://secunia.com/advisories/35583 http://secunia.com/advisories/35777 http://secunia.com/advisories/35897 http://www.vupen.com/english/advisories/2009/1506
Copyright	Copyright (C) 2011 Greenbone AG