Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2002:085: WindowMaker Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the WindowMaker package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2002:085 (WindowMaker).
Al Viro discovered a vulnerability in the WindowMaker window manager. A function
used to load images, for example when configuring a new background image or
previewing themes, contains a buffer overflow. The function calculates the
amount of memory necessary to load the image by doing some multiplication but
does not check the results of this multiplication, which may not fit into the
destination variable, resulting in a buffer overflow when the image is loaded.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2002:085
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.