FrSIRT - Fedora Security Update Fixes FLAC Integer Overflow Vulnerabilities / Exploit

French Security Incident Response Team

Français

English

Fedora Security Update Fixes FLAC Integer Overflow Vulnerabilities

Date de Publication : 2007-11-06 © FrSIRT.COM
Titre : Fedora Security Update Fixes FLAC Integer Overflow Vulnerabilities
Identifiant : FrSIRT/AVIS-2007-3736
CVE ID : CVE-2007-4619
Risque : Modéré (2/4) -

Exploitable à distance : Oui
Exploitable en local : Oui

En savoir plus

Description

Produits affectés

Solution

Références

Description Technique

Plusieurs vulnérabilités ont été identifiées dans Fedora, elles pourraient être exploitées par des attaquants afin de causer un déni de service ou compromettre un système vulnérable [...]

Solution

Installer les mises à jour :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

d13f596a51b7a567d7f510c524c48a0ab3864872 SRPMS/flac-1.1.2-28.src.rpm
d13f596a51b7a567d7f510c524c48a0ab3864872 noarch/flac-1.1.2-28.src.rpm
99b3496adcbdbffd75a8283753426b841e776d2c ppc/flac-devel-1.1.2-28.ppc.rpm
cad0e51d1c05edff6cfea886b277ce90c99a7cf6 ppc/debug/flac-debuginfo-1.1.2-28.ppc.rpm
676a889a91f5ceab84813963d352af01f68ebf3b ppc/flac-1.1.2-28.ppc.rpm
8f645b35e6577dafe7e6d6efda9c6f8ad29394d4 x86_64/flac-devel-1.1.2-28.x86_64.rpm
b9b7bf06709a8940c064d4965e468bd2cf0e3e30 x86_64/debug/flac-debuginfo-1.1.2-28.x86_64.rpm
8e145843b4f8755ba7a6278e5c2da6b91ce2eb73 x86_64/flac-1.1.2-28.x86_64.rpm
f53b849034898ae36eba22bd1e78e0be5c727ccb i386/flac-1.1.2-28.i386.rpm
c7943c4c5ca02d9cac4a25422381f4210af7c357 i386/flac-devel-1.1.2-28.i386.rpm
80af663aee6f8b826de2f999461120187920a471 i386/debug/flac-debuginfo-1.1.2-28.i386.rpm

Historique

2007-11-06 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.

Recherche

Newsletter

	Apple Mac OS X Code Execution Vulnerabilities
	Apple iPhone and iPod touch Multiple Code Execution Vulnerabilities
	Apple Xcode Code Execution and Information Disclosure Vulnerabilities
	Apple TV Data Processing Remote Code Execution Vulnerabilities
	Apple Mac OS X Command Execution Vulnerabilities
	Apple Safari for Mac OS X Remote Code Execution Vulnerability
	Apple Mac OS X ARDAgent Local Privilege Escalation Vulnerability

	Microsoft Visual Studio "Msmask32" Code Execution Vulnerability
	Microsoft PowerPoint Command Execution Vulnerabilities (MS08-051)
	Microsoft Windows Messenger Data Disclosure (MS08-050)
	Microsoft Windows Event System Code Execution (MS08-049)
	Microsoft Outlook and Mail Security Bypass Vulnerability (MS08-048)
	Microsoft Windows IPsec Policy Data Disclosure Vulnerability (MS08-047)
	Microsoft Windows MSCMS Code Execution Vulnerability (MS08-046)

	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability
	Cisco Products Remote DNS Cache Poisoning Vulnerability
	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities
	Cisco Intrusion Prevention System Jumbo Frame Vulnerability
	Cisco VPN Client Deterministic Network Enhancer Privilege Escalation