|
|
>> Mandriva Security Update Fixes Evince "get_next_text()" Buffer Overflow Vulnerability
|
Title : Mandriva Security Update Fixes Evince "get_next_text()" Buffer Overflow Vulnerability
VUPEN ID : VUPEN/ADV-2006-5008
CVE ID : CVE-2006-5864
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-12-14
|
Mandriva has released updated packages to address a vulnerability identified in Evince. This flaw could be exploited by attackers to execute arbitrary commands. For additional information, see : VUPEN/ADV-2006-4747
Affected Products
Mandriva Linux 2007.0
Solution
Upgrade the affected packages :
Mandriva Linux 2007.0:
9cac7456ee1b25c93bd73c430475baaf 2007.0/i586/evince-0.6.0-1.2mdv2007.0.i586.rpm
d8a6e0604fe5fff79909659bd2fa0136 2007.0/SRPMS/evince-0.6.0-1.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
5d231a5f65991fe2383cdfc907425b77 2007.0/x86_64/evince-0.6.0-1.2mdv2007.0.x86_64.rpm
d8a6e0604fe5fff79909659bd2fa0136 2007.0/SRPMS/evince-0.6.0-1.2mdv2007.0.src.rpm
References
http://www.vupen.com/english/advisories/2006/5008
http://archives.mandrivalinux.com/security-announce/2006-12/msg00017.php
ChangeLog
2006-12-14 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
