Test ID:	1.3.6.1.4.1.25623.1.0.71227
Category:	Mandrake Local Security Checks
Title:	Mandriva Security Advisory MDVSA-2012:051 (libvorbis)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to libvorbis announced via advisory MDVSA-2012:051. Multiple vulnerabilities has been found and corrected in libvorbis: A specially-crafted Ogg Vorbis media format file (Ogg) could cause an application using libvorbis to crash or, possibly, execute arbitrary code when opened (CVE-2009-3379). If a specially-crafted Ogg Vorbis media file was opened by an application using libvorbis, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2012-0444). The updated packages have been patched to correct these issues. Affected: Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:051 Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3379 https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00315.html https://www.redhat.com/archives/fedora-package-announce/2009-November/msg00369.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:294 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10993 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6582 http://www.redhat.com/support/errata/RHSA-2009-1561.html http://secunia.com/advisories/37306 http://secunia.com/advisories/37340 http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1 http://www.ubuntu.com/usn/USN-861-1 http://www.vupen.com/english/advisories/2009/3334 Common Vulnerability Exposure (CVE) ID: CVE-2012-0444 BugTraq ID: 51753 http://www.securityfocus.com/bid/51753 Debian Security Information: DSA-2400 (Google Search) http://www.debian.org/security/2012/dsa-2400 Debian Security Information: DSA-2402 (Google Search) http://www.debian.org/security/2012/dsa-2402 Debian Security Information: DSA-2406 (Google Search) http://www.debian.org/security/2012/dsa-2406 http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14464 http://secunia.com/advisories/48043 http://secunia.com/advisories/48095 SuSE Security Announcement: SUSE-SU-2012:0198 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00003.html SuSE Security Announcement: SUSE-SU-2012:0221 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00007.html SuSE Security Announcement: openSUSE-SU-2012:0234 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00011.html http://www.ubuntu.com/usn/USN-1370-1 XForce ISS Database: mozilla-nschildview-code-exec(72858) https://exchange.xforce.ibmcloud.com/vulnerabilities/72858
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.