Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.54355
Kategorie:SuSE Local Security Checks
Titel:SuSE Security Advisory SUSE-SA:2005:042 (acroread 5)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing updates announced in
advisory SUSE-SA:2005:042.

This update fixes a buffer overflow in Acrobat Reader versions 5,
where an attacker could execute code by providing a handcrafted PDF
to the viewer.

The Acrobat Reader 5 versions of SUSE Linux 9.0 up to 9.2, SUSE
Linux Enterprise Server 9 and Novell Linux Desktop 9 were upgraded
to Acrobat Reader 7.

Unfortunately this version upgrade introduces new dependencies. Please
use the YaST module Install or Remove Software to check if there
are new dependencies and install the required packages.

Since Adobe does no longer provide updated packages that work on SUSE
Linux Enterprise Server 8, United Linux 1, and SUSE Linux Desktop 1
we are unable to provide fixed packages for these products.

The SUSE Security Team strongly advises to deinstall the acroread
package on these platforms and use alternate PDF viewers like xpdf,
kpdf, gpdf or gv.

Since this attack could be done via E-Mail messages or web pages,
this should be considered to be remote exploitable.

This issue is tracked by the Mitre CVE ID CVE-2005-1625.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2005:042

Risk factor : Medium

CVSS Score:
5.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2005-1625
http://www.idefense.com/application/poi/display?id=279&type=vulnerabilities
http://www.redhat.com/support/errata/RHSA-2005-575.html
SuSE Security Announcement: SUSE-SA:2005:042 (Google Search)
http://www.novell.com/linux/security/advisories/2005_42_acroread.html
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.