FrSIRT - Fedora Security Update Fixes t1lib Filename Processing Buffer Overflow / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Fedora Security Update Fixes t1lib Filename Processing Buffer Overflow

Title : Fedora Security Update Fixes t1lib Filename Processing Buffer Overflow
Advisory ID : FrSIRT/ADV-2007-3291
CVE ID : CVE-2007-4033
Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-10-01

Advisory Details

Description

Affected Products

Solution

References

Technical Description

A vulnerability has been identified in Fedora, which could be exploited by attackers to cause a denial of service or execute arbitrary code [...]

Solution

Upgrade the affected packages :

81bdcde6dbf9b9e4130544fd2493434671c1fee2 t1lib-debuginfo-5.1.1-3.fc7.ppc64.rpm
c64f11e4f89f6b065ec0a6d236e9e2df4cc03c60 t1lib-devel-5.1.1-3.fc7.ppc64.rpm
b2d8aca754e8ac5d1345b509a24e0b47780dc221 t1lib-5.1.1-3.fc7.ppc64.rpm
4175603f9f32a2c5a2bcf3f528225e4c64a1f10b t1lib-devel-5.1.1-3.fc7.i386.rpm
6547e77817fe39768d94ebba3b704109ac741ca4 t1lib-debuginfo-5.1.1-3.fc7.i386.rpm
6bdca51e734f299be7b4073f8416c9851c5ee7f5 t1lib-5.1.1-3.fc7.i386.rpm
a643ae032988f1d53406f90f5456df5cd6a6496a t1lib-devel-5.1.1-3.fc7.x86_64.rpm
8d4d24ad8845891523022444b15b9a8c9b8ab6a5 t1lib-debuginfo-5.1.1-3.fc7.x86_64.rpm
8f430463ca8d524a87afa181338dc71fc80fb18f t1lib-5.1.1-3.fc7.x86_64.rpm
756e1c529f5906ea7703ba04acf53996e40b5bfb t1lib-devel-5.1.1-3.fc7.ppc.rpm
a21ab52ec28700e51cc9c23760604ce00cba54af t1lib-debuginfo-5.1.1-3.fc7.ppc.rpm
ebdb0c258c02e084d1f4da873c0d3a85464c560b t1lib-5.1.1-3.fc7.ppc.rpm
23be7d55b85d68cdcd9cfeca3a297caca8b217aa t1lib-5.1.1-3.fc7.src.rpm

ChangeLog

2007-10-01 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	Apple Safari Code Execution and Security Bypass Vulnerabilities
	Apple iLife and Aperture Image Handling Code Execution Vulnerabilities
	Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
	Apple TV Multiple File Processing Code Execution Vulnerabilities
	Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
	Apple iPhone Code Execution and Security Bypass Vulnerabilities
	Apple QuickTime Multiple Remote Code Execution Vulnerabilities

	IBM AIX Sendmail Header Lines Denial of Service Vulnerability
	IBM Metrica Multiple Parameter Cross Site Scripting Vulnerabilities
	IBM Lotus Quickr Unspecified Cross Site Scripting Vulnerabilities
	IBM Hardware Management Console Denial of Service Vulnerability
	IBM Tivoli Storage Manager Client Buffer Overflow Vulnerability
	IBM DB2 Denial of Service and Information Disclosure Vulnerabilities
	IBM Lotus Quickr Denial of Service and Security Bypass Vulnerabilities

	Cisco IOS/CatOS VLAN Trunking Protocol DoS Vulnerability
	Cisco PIX and ASA Security Bypass and Denial of Service
	Cisco Unity Security Bypass and Denial of Service
	Cisco UCM SIP Remote Denial of Service
	Cisco IOS Denial of Service and Security Bypass Vulnerabilities
	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability