Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200612-13] libgsf: Buffer overflow Vulnerability Scan
Vulnerability Scan Summary
libgsf: Buffer overflow
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200612-13
(libgsf: Buffer overflow)
"infamous41md" has discovered that the "ole_init_info" function may
allocate too little memory for storing the contents of an OLE document,
resulting in a heap buffer overflow.
A possible hacker could entice a user to open a specially crafted OLE
document, and possibly execute arbitrary code with the rights of the
user opening the document.
There is no known workaround at this time.
All libgsf users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=gnome-extra/libgsf-1.14.2"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.