Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2007:069 (inkscape)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58149

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2007:069 (inkscape)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to inkscape
announced via advisory MDKSA-2007:069.

Format string vulnerability in Inkscape before 0.45.1 allows
user-assisted remote attackers to execute arbitrary code via format
string specifiers in a URI, which is not properly handled by certain
dialogs.

Updated packages have been patched to address this issue.

Affected: 2007.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:069

Risk factor : High

CVSS Score:
6.8

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-1463
BugTraq ID: 23070
http://www.securityfocus.com/bid/23070
BugTraq ID: 23138
http://www.securityfocus.com/bid/23138
Bugtraq: 20070324 FLEA-2007-0002-1: inkscape (Google Search)
http://www.securityfocus.com/archive/1/463710/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200704-10.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:069
http://secunia.com/advisories/24584
http://secunia.com/advisories/24597
http://secunia.com/advisories/24615
http://secunia.com/advisories/24661
http://secunia.com/advisories/24859
http://secunia.com/advisories/25072
SuSE Security Announcement: SUSE-SR:2007:008 (Google Search)
http://www.novell.com/linux/security/advisories/2007_8_sr.html
http://www.ubuntu.com/usn/usn-438-1
http://www.vupen.com/english/advisories/2007/1059
XForce ISS Database: inkscape-dialogs-format-string(33163)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33163

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58149
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:069 (inkscape)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to inkscape announced via advisory MDKSA-2007:069. Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs. Updated packages have been patched to address this issue. Affected: 2007.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:069 Risk factor : High CVSS Score: 6.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1463 BugTraq ID: 23070 http://www.securityfocus.com/bid/23070 BugTraq ID: 23138 http://www.securityfocus.com/bid/23138 Bugtraq: 20070324 FLEA-2007-0002-1: inkscape (Google Search) http://www.securityfocus.com/archive/1/463710/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200704-10.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:069 http://secunia.com/advisories/24584 http://secunia.com/advisories/24597 http://secunia.com/advisories/24615 http://secunia.com/advisories/24661 http://secunia.com/advisories/24859 http://secunia.com/advisories/25072 SuSE Security Announcement: SUSE-SR:2007:008 (Google Search) http://www.novell.com/linux/security/advisories/2007_8_sr.html http://www.ubuntu.com/usn/usn-438-1 http://www.vupen.com/english/advisories/2007/1059 XForce ISS Database: inkscape-dialogs-format-string(33163) https://exchange.xforce.ibmcloud.com/vulnerabilities/33163
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com