Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2004:154 (kdelibs)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50634

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2004:154 (kdelibs)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to kdelibs
announced via advisory MDKSA-2004:154.

A vulnerability in the Konqueror webbrowser was discovered where an
untrusted java applet could escalate privileges (through JavaScript
calling into Java code). This includes the reading and writing of
files with the privileges of the user running the applet.

The provided packages have been patched to correct this problem.

Affected versions: 10.0, 10.1

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2004:154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1145
http://www.kde.org/info/security/advisory-20041220-1.txt
http://www.heise.de/security/dienste/browsercheck/tests/java.shtml

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-1145
Bugtraq: 20041220 KDE Security Advisory: Konqueror Java Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=110356286722875&w=2
CERT/CC vulnerability note: VU#420222
http://www.kb.cert.org/vuls/id/420222
http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:154
http://www.heise.de/security/dienste/browsercheck/tests/java.shtml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173
http://www.redhat.com/support/errata/RHSA-2005-065.html
http://secunia.com/advisories/13586
XForce ISS Database: konqueror-sandbox-restriction-bypass(18596)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18596

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50634
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2004:154 (kdelibs)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to kdelibs announced via advisory MDKSA-2004:154. A vulnerability in the Konqueror webbrowser was discovered where an untrusted java applet could escalate privileges (through JavaScript calling into Java code). This includes the reading and writing of files with the privileges of the user running the applet. The provided packages have been patched to correct this problem. Affected versions: 10.0, 10.1 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2004:154 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1145 http://www.kde.org/info/security/advisory-20041220-1.txt http://www.heise.de/security/dienste/browsercheck/tests/java.shtml Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1145 Bugtraq: 20041220 KDE Security Advisory: Konqueror Java Vulnerability (Google Search) http://marc.info/?l=bugtraq&m=110356286722875&w=2 CERT/CC vulnerability note: VU#420222 http://www.kb.cert.org/vuls/id/420222 http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:154 http://www.heise.de/security/dienste/browsercheck/tests/java.shtml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173 http://www.redhat.com/support/errata/RHSA-2005-065.html http://secunia.com/advisories/13586 XForce ISS Database: konqueror-sandbox-restriction-bypass(18596) https://exchange.xforce.ibmcloud.com/vulnerabilities/18596
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com