 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.880852 |
| Kategorie: | CentOS Local Security Checks |
| Titel: | CentOS Update for gstreamer-plugins-base CESA-2009:0352 centos5 i386 |
| Zusammenfassung: | The remote host is missing an update for the 'gstreamer-plugins-base'; package(s) announced via the referenced advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'gstreamer-plugins-base' package(s) announced via the referenced advisory. Vulnerability Insight: GStreamer is a streaming media framework based on graphs of filters which operate on media data. GStreamer Base Plug-ins is a collection of well-maintained base plug-ins. An integer overflow flaw which caused a heap-based buffer overflow was discovered in the Vorbis comment tags reader. An attacker could create a carefully-crafted Vorbis file that would cause an application using GStreamer to crash or, potentially, execute arbitrary code if opened by a victim. (CVE-2009-0586) All users of gstreamer-plugins-base are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, all applications using GStreamer (such as Totem or Rhythmbox) must be restarted for the changes to take effect. Affected Software/OS: gstreamer-plugins-base on CentOS 5 Solution: Please install the updated packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-0586 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows http://www.securityfocus.com/archive/1/501712/100/0/threaded 34100 http://www.securityfocus.com/bid/34100 34335 http://secunia.com/advisories/34335 34350 http://secunia.com/advisories/34350 35777 http://secunia.com/advisories/35777 GLSA-200907-11 http://security.gentoo.org/glsa/glsa-200907-11.xml MDVSA-2009:085 http://www.mandriva.com/security/advisories?name=MDVSA-2009:085 SUSE-SR:2009:009 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html USN-735-1 http://www.ubuntu.com/usn/USN-735-1 [oss-security] 20090312 [oCERT-2008-015] glib and glib-predecessor heap overflows http://openwall.com/lists/oss-security/2009/03/12/2 gstreamer-gstvorbistagaddcoverart-bo(49274) https://exchange.xforce.ibmcloud.com/vulnerabilities/49274 http://cgit.freedesktop.org/gstreamer/gst-plugins-base/commit/?id=566583e87147f774e7fc4c78b5f7e61d427e40a9 http://ocert.org/patches/2008-015/gst-plugins-base-CVE-2009-0586.diff http://www.ocert.org/advisories/ocert-2008-015.html oval:org.mitre.oval:def:9694 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9694 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |