|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200703-07] STLport: Possible remote execution of arbitrary code Vulnerability Scan
Vulnerability Scan Summary STLport: Possible remote execution of arbitrary code
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200703-07
(STLport: Possible remote execution of arbitrary code)
Two buffer overflows have been discovered, one in "print floats" and
one in the rope constructor.
Impact
Both of the buffer overflows could result in the remote execution of
arbitrary code. Please note that the exploitability of the
vulnerabilities depends on how the library is used by other software
programs.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0803
Solution:
All STLport users should upgrade to the latest version.
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/STLport-5.0.3"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|