 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.67564 |
| Categoría: | Mandrake Local Security Checks |
| Título: | Mandriva Security Advisory MDVSA-2010:121 (pango) |
| Resumen: | NOSUMMARY |
| Descripción: | Description: The remote host is missing an update to pango announced via advisory MDVSA-2010:121. A vulnerability has been discovered and corrected in pango: Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database (CVE-2010-0421). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. Affected: 2008.0, 2009.0, 2009.1, 2010.0, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:121 Risk factor : Medium CVSS Score: 4.3 |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-0421 1023711 http://securitytracker.com/id?1023711 38760 http://www.securityfocus.com/bid/38760 39041 http://secunia.com/advisories/39041 ADV-2010-0627 http://www.vupen.com/english/advisories/2010/0627 ADV-2010-0661 http://www.vupen.com/english/advisories/2010/0661 ADV-2010-1552 http://www.vupen.com/english/advisories/2010/1552 DSA-2019 http://www.debian.org/security/2010/dsa-2019 MDVSA-2010:121 http://www.mandriva.com/security/advisories?name=MDVSA-2010:121 RHSA-2010:0140 http://www.redhat.com/support/errata/RHSA-2010-0140.html SUSE-SR:2010:009 http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html SUSE-SR:2010:012 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html SUSE-SR:2010:013 http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://ftp.gnome.org/pub/GNOME/sources/pango/1.27/pango-1.27.1.tar.bz2 https://bugzilla.redhat.com/show_bug.cgi?id=555831 oval:org.mitre.oval:def:9417 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9417 |
| Copyright | Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |