|
Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:144: wxPythonGTK Vulnerability Scan
Vulnerability Scan Summary Check for the version of the wxPythonGTK package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:144 (wxPythonGTK).
Wouter Hanegraaff discovered that the TIFF library did not sufficiently
validate the 'YCbCr subsampling' value in TIFF image headers. Decoding a
malicious image with a zero value resulted in an arithmetic exception, which
can cause a program that uses the TIFF library to crash.
wxPythonGTK uses an embedded libtiff source tree, and as such has the same
vulnerability.
The updated packages have been rebuilt using the system libraries and should
now incorporate all the updates to libjpeg, libpng, libtiff and zlib.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:144
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|