|
|
>> Mandriva Security Update Fixes Xdg-utils Code Injection Vulnerabilities
|
Title : Mandriva Security Update Fixes Xdg-utils Code Injection Vulnerabilities
VUPEN ID : VUPEN/ADV-2008-0379
CVE ID : CVE-2008-0386
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2008-02-01
|
Multiple vulnerabilities have been identified in Mandriva, which could be exploited by attackers to execute arbitrary code. These issues are caused by errors in Xdg-utils. For additional information, see : VUPEN/ADV-2008-0342
Affected Products
Mandriva Linux 2007.1
Mandriva Linux 2008.0
Solution
Upgrade the affected packages :
Mandriva Linux 2007.1:
87a609bef7d4f1fa89f679f799ab894d 2007.1/i586/xdg-utils-1.0.1-3.1mdv2007.1.i586.rpm
91ece389fe517eb37340dab3fdb80b80 2007.1/SRPMS/xdg-utils-1.0.1-3.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
a5678edc7717df385ff063cd3dd8d1ed 2007.1/x86_64/xdg-utils-1.0.1-3.1mdv2007.1.x86_64.rpm
91ece389fe517eb37340dab3fdb80b80 2007.1/SRPMS/xdg-utils-1.0.1-3.1mdv2007.1.src.rpm
Mandriva Linux 2008.0:
8ae9d8bf4d89f62326e06ed19d89642d 2008.0/i586/xdg-utils-1.0.2-3.1mdv2008.0.i586.rpm
e69a33c4cdead90fa44d021902722411 2008.0/SRPMS/xdg-utils-1.0.2-3.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
7e8c83cb1957521497ceff756a0ea79f 2008.0/x86_64/xdg-utils-1.0.2-3.1mdv2008.0.x86_64.rpm
e69a33c4cdead90fa44d021902722411 2008.0/SRPMS/xdg-utils-1.0.2-3.1mdv2008.0.src.rpm
References
http://www.vupen.com/english/advisories/2008/0379
http://archives.mandrivalinux.com/security-announce/2008-02/msg00001.php
ChangeLog
2008-02-01 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
