Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2015-1708)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123011

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2015-1708)

Resumen: The remote host is missing an update for the 'libXfont' package(s) announced via the ELSA-2015-1708 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libXfont' package(s) announced via the ELSA-2015-1708 advisory.

Vulnerability Insight:
[1.4.5-5]
- CVE-2015-1802: missing range check in bdfReadProperties (bug 1258892)
- CVE-2015-1803: crash on invalid read in bdfReadCharacters (bug 1258892)
- CVE-2015-1804: out-of-bounds memory access in bdfReadCharacters (bug 1258892)

Affected Software/OS:
'libXfont' package(s) on Oracle Linux 6, Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
8.5

CVSS Vector:
AV:N/AC:M/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-1802
BugTraq ID: 73277
http://www.securityfocus.com/bid/73277
Debian Security Information: DSA-3194 (Google Search)
http://www.debian.org/security/2015/dsa-3194
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152497.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152838.html
https://security.gentoo.org/glsa/201507-21
http://www.mandriva.com/security/advisories?name=MDVSA-2015:145
http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/
RedHat Security Advisories: RHSA-2015:1708
http://rhn.redhat.com/errata/RHSA-2015-1708.html
http://www.securitytracker.com/id/1031935
SuSE Security Announcement: SUSE-SU-2015:0674 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00002.html
SuSE Security Announcement: SUSE-SU-2015:0702 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00005.html
SuSE Security Announcement: openSUSE-SU-2015:0614 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00032.html
http://www.ubuntu.com/usn/USN-2536-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-1803
BugTraq ID: 73280
http://www.securityfocus.com/bid/73280
Common Vulnerability Exposure (CVE) ID: CVE-2015-1804
BugTraq ID: 73279
http://www.securityfocus.com/bid/73279
SuSE Security Announcement: openSUSE-SU-2015:2300 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00074.html

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123011
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-1708)
Resumen:	The remote host is missing an update for the 'libXfont' package(s) announced via the ELSA-2015-1708 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libXfont' package(s) announced via the ELSA-2015-1708 advisory. Vulnerability Insight: [1.4.5-5] - CVE-2015-1802: missing range check in bdfReadProperties (bug 1258892) - CVE-2015-1803: crash on invalid read in bdfReadCharacters (bug 1258892) - CVE-2015-1804: out-of-bounds memory access in bdfReadCharacters (bug 1258892) Affected Software/OS: 'libXfont' package(s) on Oracle Linux 6, Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 8.5 CVSS Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1802 BugTraq ID: 73277 http://www.securityfocus.com/bid/73277 Debian Security Information: DSA-3194 (Google Search) http://www.debian.org/security/2015/dsa-3194 http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152497.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152838.html https://security.gentoo.org/glsa/201507-21 http://www.mandriva.com/security/advisories?name=MDVSA-2015:145 http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/ RedHat Security Advisories: RHSA-2015:1708 http://rhn.redhat.com/errata/RHSA-2015-1708.html http://www.securitytracker.com/id/1031935 SuSE Security Announcement: SUSE-SU-2015:0674 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00002.html SuSE Security Announcement: SUSE-SU-2015:0702 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00005.html SuSE Security Announcement: openSUSE-SU-2015:0614 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00032.html http://www.ubuntu.com/usn/USN-2536-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-1803 BugTraq ID: 73280 http://www.securityfocus.com/bid/73280 Common Vulnerability Exposure (CVE) ID: CVE-2015-1804 BugTraq ID: 73279 http://www.securityfocus.com/bid/73279 SuSE Security Announcement: openSUSE-SU-2015:2300 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-12/msg00074.html
Copyright	Copyright (C) 2015 Greenbone AG