ID de Prueba:	1.3.6.1.4.1.25623.1.0.64518
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDVSA-2009:175 (pango)
Resumen:	The remote host is missing an update to pango;announced via advisory MDVSA-2009:175.
Descripción:	Summary: The remote host is missing an update to pango announced via advisory MDVSA-2009:175. Vulnerability Insight: Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the issue. Affected: Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1194 1022196 http://www.securitytracker.com/id?1022196 20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations http://www.securityfocus.com/archive/1/503349/100/0/threaded 264308 http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1 34870 http://www.securityfocus.com/bid/34870 35018 http://secunia.com/advisories/35018 35021 http://secunia.com/advisories/35021 35027 http://secunia.com/advisories/35027 35038 http://secunia.com/advisories/35038 35685 http://secunia.com/advisories/35685 35758 http://www.securityfocus.com/bid/35758 35914 http://secunia.com/advisories/35914 36005 http://secunia.com/advisories/36005 36145 http://secunia.com/advisories/36145 54279 http://osvdb.org/54279 ADV-2009-1269 http://www.vupen.com/english/advisories/2009/1269 ADV-2009-1972 http://www.vupen.com/english/advisories/2009/1972 DSA-1798 http://www.debian.org/security/2009/dsa-1798 RHSA-2009:0476 http://www.redhat.com/support/errata/RHSA-2009-0476.html SUSE-SA:2009:039 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html SUSE-SA:2009:042 http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html SUSE-SR:2009:012 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html USN-773-1 http://www.ubuntu.com/usn/USN-773-1 [oss-security] 20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations http://www.openwall.com/lists/oss-security/2009/05/07/1 http://github.com/bratsche/pango/commit/4de30e5500eaeb49f4bf0b7a07f718e149a2ed5e http://www.mozilla.org/security/announce/2009/mfsa2009-36.html http://www.ocert.org/advisories/ocert-2009-001.html https://bugzilla.mozilla.org/show_bug.cgi?id=480134 https://bugzilla.redhat.com/show_bug.cgi?id=496887 https://launchpad.net/bugs/cve/2009-1194 oval:org.mitre.oval:def:10137 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10137 pango-pangoglyphstringsetsize-bo(50397) https://exchange.xforce.ibmcloud.com/vulnerabilities/50397
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.