Red Hat Local Security Checks : RedHat Security Advisory RHSA-2011:1815

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.70499

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2011:1815

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory RHSA-2011:1815.

The International Components for Unicode (ICU) library provides robust and
full-featured Unicode services.

A stack-based buffer overflow flaw was found in the way ICU performed
variant canonicalization for some locale identifiers. If a
specially-crafted locale representation was opened in an application
linked against ICU, it could cause the application to crash or, possibly,
execute arbitrary code with the privileges of the user running the
application. (CVE-2011-4599)

All users of ICU should upgrade to these updated packages, which contain a
backported patch to resolve this issue. All applications linked against
ICU must be restarted for this update to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-1815.html

Risk factor : Medium

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-4599
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
BugTraq ID: 51006
http://www.securityfocus.com/bid/51006
Debian Security Information: DSA-2397 (Google Search)
http://www.debian.org/security/2012/dsa-2397
http://www.mandriva.com/security/advisories?name=MDVSA-2011:194
http://www.openwall.com/lists/oss-security/2011/12/09/2
http://www.openwall.com/lists/oss-security/2011/12/09/5
http://www.osvdb.org/77698
RedHat Security Advisories: RHSA-2011:1815
http://rhn.redhat.com/errata/RHSA-2011-1815.html
http://secunia.com/advisories/47146
http://secunia.com/advisories/47227
http://secunia.com/advisories/47674
http://secunia.com/advisories/47714
http://secunia.com/advisories/47775
SuSE Security Announcement: openSUSE-SU-2012:0100 (Google Search)
http://lists.opensuse.org/opensuse-updates/2012-01/msg00035.html
http://ubuntu.com/usn/usn-1348-1
XForce ISS Database: icu-canonicalize-bo(71726)
https://exchange.xforce.ibmcloud.com/vulnerabilities/71726

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.70499
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2011:1815
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2011:1815. The International Components for Unicode (ICU) library provides robust and full-featured Unicode services. A stack-based buffer overflow flaw was found in the way ICU performed variant canonicalization for some locale identifiers. If a specially-crafted locale representation was opened in an application linked against ICU, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-4599) All users of ICU should upgrade to these updated packages, which contain a backported patch to resolve this issue. All applications linked against ICU must be restarted for this update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2011-1815.html Risk factor : Medium
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4599 http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html BugTraq ID: 51006 http://www.securityfocus.com/bid/51006 Debian Security Information: DSA-2397 (Google Search) http://www.debian.org/security/2012/dsa-2397 http://www.mandriva.com/security/advisories?name=MDVSA-2011:194 http://www.openwall.com/lists/oss-security/2011/12/09/2 http://www.openwall.com/lists/oss-security/2011/12/09/5 http://www.osvdb.org/77698 RedHat Security Advisories: RHSA-2011:1815 http://rhn.redhat.com/errata/RHSA-2011-1815.html http://secunia.com/advisories/47146 http://secunia.com/advisories/47227 http://secunia.com/advisories/47674 http://secunia.com/advisories/47714 http://secunia.com/advisories/47775 SuSE Security Announcement: openSUSE-SU-2012:0100 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-01/msg00035.html http://ubuntu.com/usn/usn-1348-1 XForce ISS Database: icu-canonicalize-bo(71726) https://exchange.xforce.ibmcloud.com/vulnerabilities/71726
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com