Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2010:182 (kdegraphics)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.68031

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2010:182 (kdegraphics)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to kdegraphics
announced via advisory MDVSA-2010:182.

A vulnerability has been found and corrected in kdegraphics (ksvg):

Use-after-free vulnerability in the garbage-collection implementation
in WebCore in WebKit in Apple Safari before 4.0 allows remote
attackers to execute arbitrary code or cause a denial of service
(heap corruption and application crash) via an SVG animation element,
related to SVG set objects, SVG marker elements, the targetElement
attribute, and unspecified caches. (CVE-2009-1709)

Packages for 2008.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

Affected: 2008.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:182

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-1709
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
BugTraq ID: 35260
http://www.securityfocus.com/bid/35260
BugTraq ID: 35334
http://www.securityfocus.com/bid/35334
http://www.mandriva.com/security/advisories?name=MDVSA-2010:182
http://www.zerodayinitiative.com/advisories/ZDI-09-034/
http://osvdb.org/55013
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162
http://www.redhat.com/support/errata/RHSA-2009-1130.html
http://securitytracker.com/id?1022345
http://secunia.com/advisories/35379
http://secunia.com/advisories/35576
http://secunia.com/advisories/36461
http://secunia.com/advisories/43068
SuSE Security Announcement: SUSE-SR:2011:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
https://usn.ubuntu.com/823-1/
http://www.vupen.com/english/advisories/2009/1522
http://www.vupen.com/english/advisories/2011/0212

Copyright Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.68031
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:182 (kdegraphics)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to kdegraphics announced via advisory MDVSA-2010:182. A vulnerability has been found and corrected in kdegraphics (ksvg): Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified caches. (CVE-2009-1709) Packages for 2008.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. Affected: 2008.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:182 Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1709 http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html BugTraq ID: 35260 http://www.securityfocus.com/bid/35260 BugTraq ID: 35334 http://www.securityfocus.com/bid/35334 http://www.mandriva.com/security/advisories?name=MDVSA-2010:182 http://www.zerodayinitiative.com/advisories/ZDI-09-034/ http://osvdb.org/55013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10162 http://www.redhat.com/support/errata/RHSA-2009-1130.html http://securitytracker.com/id?1022345 http://secunia.com/advisories/35379 http://secunia.com/advisories/35576 http://secunia.com/advisories/36461 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html https://usn.ubuntu.com/823-1/ http://www.vupen.com/english/advisories/2009/1522 http://www.vupen.com/english/advisories/2011/0212
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com