Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2006:019 (kdelibs)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56183

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2006:019 (kdelibs)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to kdelibs
announced via advisory MDKSA-2006:019.

A heap overflow vulnerability was discovered in kjs, the KDE JavaScript
interpretter engine. An attacker could create a malicious web site
that contained carefully crafted JavaScript code that could trigger the
flaw and potentially lead to the arbitrary execution of code as the
user visiting the site.

The updated packages have been patched to correct this problem.

Affected: 2006.0, Corporate 3.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:019

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: BugTraq ID: 16325
Common Vulnerability Exposure (CVE) ID: CVE-2006-0019
1015512
http://securitytracker.com/id?1015512
16325
http://www.securityfocus.com/bid/16325
18500
http://secunia.com/advisories/18500
18540
http://secunia.com/advisories/18540
18552
http://secunia.com/advisories/18552
18559
http://secunia.com/advisories/18559
18561
http://secunia.com/advisories/18561
18570
http://secunia.com/advisories/18570
18583
http://secunia.com/advisories/18583
18899
http://secunia.com/advisories/18899
20060119 [KDE Security Advisory] kjs encodeuri/decodeuri heap overflow
http://www.securityfocus.com/archive/1/422464/100/0/threaded
22659
http://www.osvdb.org/22659
364
http://securityreason.com/securityalert/364
ADV-2006-0265
http://www.vupen.com/english/advisories/2006/0265
DSA-948
http://www.debian.org/security/2006/dsa-948
FLSA:178606
http://www.securityfocus.com/archive/1/427976/100/0/threaded
GLSA-200601-11
http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml
MDKSA-2006:019
http://www.mandriva.com/security/advisories?name=MDKSA-2006:019
RHSA-2006:0184
http://www.redhat.com/support/errata/RHSA-2006-0184.html
SSA:2006-045-05
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.361107
SUSE-SA:2006:003
http://www.securityfocus.com/archive/1/422489/100/0/threaded
USN-245-1
http://www.ubuntu.com/usn/usn-245-1
ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdelibs-kjs.diff
http://www.kde.org/info/security/advisory-20060119-1.txt
kde-kjs-bo(24242)
https://exchange.xforce.ibmcloud.com/vulnerabilities/24242
oval:org.mitre.oval:def:11858
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11858

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56183
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:019 (kdelibs)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to kdelibs announced via advisory MDKSA-2006:019. A heap overflow vulnerability was discovered in kjs, the KDE JavaScript interpretter engine. An attacker could create a malicious web site that contained carefully crafted JavaScript code that could trigger the flaw and potentially lead to the arbitrary execution of code as the user visiting the site. The updated packages have been patched to correct this problem. Affected: 2006.0, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:019 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 16325 Common Vulnerability Exposure (CVE) ID: CVE-2006-0019 1015512 http://securitytracker.com/id?1015512 16325 http://www.securityfocus.com/bid/16325 18500 http://secunia.com/advisories/18500 18540 http://secunia.com/advisories/18540 18552 http://secunia.com/advisories/18552 18559 http://secunia.com/advisories/18559 18561 http://secunia.com/advisories/18561 18570 http://secunia.com/advisories/18570 18583 http://secunia.com/advisories/18583 18899 http://secunia.com/advisories/18899 20060119 [KDE Security Advisory] kjs encodeuri/decodeuri heap overflow http://www.securityfocus.com/archive/1/422464/100/0/threaded 22659 http://www.osvdb.org/22659 364 http://securityreason.com/securityalert/364 ADV-2006-0265 http://www.vupen.com/english/advisories/2006/0265 DSA-948 http://www.debian.org/security/2006/dsa-948 FLSA:178606 http://www.securityfocus.com/archive/1/427976/100/0/threaded GLSA-200601-11 http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml MDKSA-2006:019 http://www.mandriva.com/security/advisories?name=MDKSA-2006:019 RHSA-2006:0184 http://www.redhat.com/support/errata/RHSA-2006-0184.html SSA:2006-045-05 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.361107 SUSE-SA:2006:003 http://www.securityfocus.com/archive/1/422489/100/0/threaded USN-245-1 http://www.ubuntu.com/usn/usn-245-1 ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.3-kdelibs-kjs.diff http://www.kde.org/info/security/advisory-20060119-1.txt kde-kjs-bo(24242) https://exchange.xforce.ibmcloud.com/vulnerabilities/24242 oval:org.mitre.oval:def:11858 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11858
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com