ID de Prueba:	1.3.6.1.4.1.25623.1.0.57645
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:213 (chromium)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to chromium announced via advisory MDKSA-2006:213. Chromium is an OpenGL-based shoot them up game with fine graphics. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities: Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to chunk error processing, possibly involving the chunk_name. (CVE-2006-3334) It is questionable whether this issue is actually exploitable, but the patch to correct the issue has been included in versions < 1.2.12. In addition, an patch to address several old vulnerabilities has been applied to this build. (CAN-2002-1363, CAN-2004-0421, CAN-2004-0597, CAN-2004-0598, CAN-2004-0599) Packages have been patched to correct these issues. Affected: 2007.0, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:213 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3334 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BugTraq ID: 18698 http://www.securityfocus.com/bid/18698 Bugtraq: 20060719 rPSA-2006-0133-1 libpng (Google Search) http://www.securityfocus.com/archive/1/440594/100/0/threaded http://security.gentoo.org/glsa/glsa-200607-06.xml http://security.gentoo.org/glsa/glsa-200812-15.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:209 http://www.mandriva.com/security/advisories?name=MDKSA-2006:210 http://www.mandriva.com/security/advisories?name=MDKSA-2006:211 http://www.mandriva.com/security/advisories?name=MDKSA-2006:212 http://www.mandriva.com/security/advisories?name=MDKSA-2006:213 http://secunia.com/advisories/20960 http://secunia.com/advisories/22956 http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://secunia.com/advisories/23335 http://secunia.com/advisories/29420 http://secunia.com/advisories/33137 SuSE Security Announcement: SUSE-SR:2006:016 (Google Search) http://www.novell.com/linux/security/advisories/2006_16_sr.html SuSE Security Announcement: SUSE-SR:2006:028 (Google Search) http://www.novell.com/linux/security/advisories/2006_28_sr.html http://www.vupen.com/english/advisories/2006/2585 http://www.vupen.com/english/advisories/2008/0924/references XForce ISS Database: libpng-pngdecompresschunk-bo(27468) https://exchange.xforce.ibmcloud.com/vulnerabilities/27468
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.