ID de Prueba:	1.3.6.1.4.1.25623.1.0.831555
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for libvpx MDVSA-2012:023-1 (libvpx)
Resumen:	The remote host is missing an update for the 'libvpx'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'libvpx' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been found and corrected in libvpx: VP8 Codec SDK (libvpx) before 1.0.0 Duclair allows remote attackers to cause a denial of service (application crash) via (1) unspecified corrupt input or (2) by starting decoding from a P-frame, which triggers an out-of-bounds read, related to the clamping of motion vectors in SPLITMV blocks (CVE-2012-0823). The updated packages have been patched to correct this issue. Update: This is a symbolic advisory correction because there was a clash with MDVSA-2012:023 that addressed libxml2. Affected Software/OS: libvpx on Mandriva Linux 2011.0, Mandriva Linux 2010.1 Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0823 BugTraq ID: 51775 http://www.securityfocus.com/bid/51775 http://www.mandriva.com/security/advisories?name=MDVSA-2012:023 http://www.openwall.com/lists/oss-security/2012/01/28/4 http://www.openwall.com/lists/oss-security/2012/01/30/2
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.