Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2006:014 (wine)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56135

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2006:014 (wine)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to wine
announced via advisory MDKSA-2006:014.

A vulnerability was discovered by H D Moore in Wine which implements
the SETABORTPROC GDI Escape function for Windows Metafile (WMF) files.
This could be abused by an attacker who is able to entice a user to
open a specially crafted WMF file from within a Wine-execute Windows
application, possibly resulting in the execution of arbitrary code
with the privileges of the user runing Wine.

The updated packages have been patched to correct these problems.

Affected: 2006.0, Corporate 3.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:014

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-0106
Bugtraq: 20060117 ERRATA: [ GLSA 200601-09 ] Wine: Windows Metafile SETABORTPROC vulnerability (Google Search)
http://www.securityfocus.com/archive/1/422128/100/0/threaded
Debian Security Information: DSA-954 (Google Search)
http://www.debian.org/security/2006/dsa-954
http://www.gentoo.org/security/en/glsa/glsa-200601-09.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:014
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346197
http://lists.immunitysec.com/pipermail/dailydave/2006-January/002806.html
http://secunia.com/advisories/18323
http://secunia.com/advisories/18451
http://secunia.com/advisories/18549
http://secunia.com/advisories/18578
SuSE Security Announcement: SUSE-SR:2006:002 (Google Search)
http://www.novell.com/linux/security/advisories/2006_02_sr.html
http://www.vupen.com/english/advisories/2006/0098
XForce ISS Database: win-wmf-execute-code(23846)
https://exchange.xforce.ibmcloud.com/vulnerabilities/23846

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56135
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:014 (wine)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to wine announced via advisory MDKSA-2006:014. A vulnerability was discovered by H D Moore in Wine which implements the SETABORTPROC GDI Escape function for Windows Metafile (WMF) files. This could be abused by an attacker who is able to entice a user to open a specially crafted WMF file from within a Wine-execute Windows application, possibly resulting in the execution of arbitrary code with the privileges of the user runing Wine. The updated packages have been patched to correct these problems. Affected: 2006.0, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:014 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0106 Bugtraq: 20060117 ERRATA: [ GLSA 200601-09 ] Wine: Windows Metafile SETABORTPROC vulnerability (Google Search) http://www.securityfocus.com/archive/1/422128/100/0/threaded Debian Security Information: DSA-954 (Google Search) http://www.debian.org/security/2006/dsa-954 http://www.gentoo.org/security/en/glsa/glsa-200601-09.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:014 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346197 http://lists.immunitysec.com/pipermail/dailydave/2006-January/002806.html http://secunia.com/advisories/18323 http://secunia.com/advisories/18451 http://secunia.com/advisories/18549 http://secunia.com/advisories/18578 SuSE Security Announcement: SUSE-SR:2006:002 (Google Search) http://www.novell.com/linux/security/advisories/2006_02_sr.html http://www.vupen.com/english/advisories/2006/0098 XForce ISS Database: win-wmf-execute-code(23846) https://exchange.xforce.ibmcloud.com/vulnerabilities/23846
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com