ID de Prueba:	1.3.6.1.4.1.25623.1.0.57601
Categoría:	Trustix Local Security Checks
Título:	Trustix Security Advisory TSLSA-2006-0065 (libpng)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory TSLSA-2006-0065. libpng < TSL 3.0 > < TSL 2.2 > < TSEL 2 > - SECURITY Fix: Tavis Ormandy has reported a vulnerability in libpng, caused due to an out-of-bounds read error in the png_set_sPLT() function in pngset.c. This can be exploited by tricking an application using the library to process a specially crafted PNG file. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2006-5793 to this issue. Solution: Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2006-0065 Risk factor : Medium CVSS Score: 2.6
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5793 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BugTraq ID: 21078 http://www.securityfocus.com/bid/21078 Bugtraq: 20061115 rPSA-2006-0211-1 libpng (Google Search) http://www.securityfocus.com/archive/1/451874/100/200/threaded Bugtraq: 20061204 rPSA-2006-0211-2 doxygen libpng (Google Search) http://www.securityfocus.com/archive/1/453484/100/100/threaded Bugtraq: 20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK (Google Search) http://www.securityfocus.com/archive/1/489135/100/0/threaded http://security.gentoo.org/glsa/glsa-200611-09.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:209 http://www.mandriva.com/security/advisories?name=MDKSA-2006:210 http://www.mandriva.com/security/advisories?name=MDKSA-2006:211 http://www.mandriva.com/security/advisories?name=MDKSA-2006:212 http://bugs.gentoo.org/attachment.cgi?id=101400&action=view http://bugs.gentoo.org/show_bug.cgi?id=154380 http://www.coresecurity.com/?action=item&id=2148 http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.036.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10324 http://www.redhat.com/support/errata/RHSA-2007-0356.html http://securitytracker.com/id?1017244 http://secunia.com/advisories/22889 http://secunia.com/advisories/22900 http://secunia.com/advisories/22941 http://secunia.com/advisories/22950 http://secunia.com/advisories/22951 http://secunia.com/advisories/22956 http://secunia.com/advisories/22958 http://secunia.com/advisories/23208 http://secunia.com/advisories/23335 http://secunia.com/advisories/25329 http://secunia.com/advisories/25742 http://secunia.com/advisories/29420 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.465035 SuSE Security Announcement: SUSE-SR:2006:028 (Google Search) http://www.novell.com/linux/security/advisories/2006_28_sr.html http://www.trustix.org/errata/2006/0065/ http://www.ubuntu.com/usn/usn-383-1 http://www.vupen.com/english/advisories/2006/4521 http://www.vupen.com/english/advisories/2006/4568 http://www.vupen.com/english/advisories/2008/0924/references XForce ISS Database: libpng-pngsetsplt-dos(30290) https://exchange.xforce.ibmcloud.com/vulnerabilities/30290
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.