Test Kennung:	1.3.6.1.4.1.25623.1.0.881120
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for raptor CESA-2012:0410 centos6
Zusammenfassung:	The remote host is missing an update for the 'raptor'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'raptor' package(s) announced via the referenced advisory. Vulnerability Insight: Raptor provides parsers for Resource Description Framework (RDF) files. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-0037) Red Hat would like to thank Timothy D. Morgan of VSR for reporting this issue. All Raptor users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications linked against Raptor must be restarted for this update to take effect. Affected Software/OS: raptor on CentOS 6 Solution: Please install the updated packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0037 1026837 http://www.securitytracker.com/id?1026837 48479 http://secunia.com/advisories/48479 48493 http://secunia.com/advisories/48493 48494 http://secunia.com/advisories/48494 48526 http://secunia.com/advisories/48526 48529 http://secunia.com/advisories/48529 48542 http://secunia.com/advisories/48542 48649 http://secunia.com/advisories/48649 50692 http://secunia.com/advisories/50692 52681 http://www.securityfocus.com/bid/52681 60799 http://secunia.com/advisories/60799 80307 http://www.osvdb.org/80307 DSA-2438 http://www.debian.org/security/2012/dsa-2438 FEDORA-2012-4629 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077708.html FEDORA-2012-4663 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078242.html GLSA-201209-05 http://security.gentoo.org/glsa/glsa-201209-05.xml GLSA-201408-19 http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml MDVSA-2012:061 http://www.mandriva.com/security/advisories?name=MDVSA-2012:061 MDVSA-2012:062 http://www.mandriva.com/security/advisories?name=MDVSA-2012:062 MDVSA-2012:063 http://www.mandriva.com/security/advisories?name=MDVSA-2012:063 RHSA-2012:0410 http://rhn.redhat.com/errata/RHSA-2012-0410.html RHSA-2012:0411 http://rhn.redhat.com/errata/RHSA-2012-0411.html [openoffice-commits] 20200305 svn commit: r1874832 - in /openoffice/ooo-site/trunk/content: download/checksums.html download/globalvars.js download/test/globalvars.js security/cves/CVE-2012-0037.html security/cves/CVE-2013-1571.html https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E [oss-security] 20120427 Fwd: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) http://www.openwall.com/lists/oss-security/2012/03/27/4 http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6/ http://librdf.org/raptor/RELEASE.html#rel2_0_7 http://vsecurity.com/resources/advisory/20120324-1/ http://www.libreoffice.org/advisories/CVE-2012-0037/ http://www.openoffice.org/security/cves/CVE-2012-0037.html https://github.com/dajobe/raptor/commit/a676f235309a59d4aa78eeffd2574ae5d341fcb0 openoffice-xml-info-disclosure(74235) https://exchange.xforce.ibmcloud.com/vulnerabilities/74235
Copyright	Copyright (C) 2012 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.