ID de Prueba:	1.3.6.1.4.1.25623.1.0.841098
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for icedtea-web USN-1521-1
Resumen:	Ubuntu Update for Linux kernel vulnerabilities USN-1521-1
Descripción:	Summary: Ubuntu Update for Linux kernel vulnerabilities USN-1521-1 Vulnerability Insight: Chamal De Silva discovered that the IcedTea-Web Java web browser plugin could dereference an uninitialized pointer. A remote attacker could use this to craft a malicious web page that could cause a denial of service by crashing the web browser or possibly execute arbitrary code. (CVE-2012-3422) Steven Bergom and others discovered that the IcedTea-Web Java web browser plugin assumed that all strings provided by browsers are NULL terminated, which is not guaranteed by the NPAPI (Netscape Plugin Application Programming Interface). A remote attacker could use this to craft a malicious Java applet that could cause a denial of service by crashing the web browser, expose sensitive information or possibly execute arbitrary code. (CVE-2012-3423) Affected Software/OS: icedtea-web on Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 11.04, Ubuntu 10.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-3422 http://security.gentoo.org/glsa/glsa-201406-32.xml https://bugzilla.redhat.com/show_bug.cgi?id=840592 RedHat Security Advisories: RHSA-2012:1132 http://rhn.redhat.com/errata/RHSA-2012-1132.html http://secunia.com/advisories/50089 SuSE Security Announcement: SUSE-SU-2012:0979 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00003.html SuSE Security Announcement: SUSE-SU-2013:0851 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00020.html SuSE Security Announcement: SUSE-SU-2013:1174 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00013.html SuSE Security Announcement: openSUSE-SU-2012:0981 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00004.html SuSE Security Announcement: openSUSE-SU-2012:0982 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00005.html SuSE Security Announcement: openSUSE-SU-2013:0826 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-05/msg00032.html SuSE Security Announcement: openSUSE-SU-2013:0893 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-06/msg00030.html SuSE Security Announcement: openSUSE-SU-2013:0966 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-06/msg00101.html http://www.ubuntu.com/usn/USN-1521-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-3423 https://bugzilla.redhat.com/show_bug.cgi?id=841345
Copyright	Copyright (c) 2012 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.