Sårbarhed Detalje Syn
Legend :
critical
high
medium
low
other
| id | 43110 |
|---|
| Risiko | other |
|---|
| Familie | Ubuntu Local Security Checks |
|---|
| Kategori | infos |
|---|
| Navn | USN871-2 : kde4libs vulnerabilities |
|---|
| Sammenfatning | kde4libs vulnerabilities |
|---|
| Beskrivelse | Synopsis :
These remote packages are missing security patches :
- kdelibs-bin
- kdelibs5
- kdelibs5-data
- kdelibs5-dbg
- kdelibs5-dev
- libplasma-dev
- libplasma3
Description :
USN-871-1 fixed vulnerabilities in KDE. This update provides the
corresponding updates for KDE 4.
This update also fixes a directory traversal flaw in KDE when processing
help:// URLs. This issue only affected Ubuntu 8.10.
Original advisory details:
It was discovered that the KDE libraries could use KHTML to process an
unknown MIME type. If a user or application linked against kdelibs were
tricked into opening a crafted file, an attacker could potentially trigger
XMLHTTPRequests to remote sites.
Solution :
Upgrade to :
- kdelibs-bin-4.3.2-0ubuntu7.2 (Ubuntu 9.10)
- kdelibs5-4.3.2-0ubuntu7.2 (Ubuntu 9.10)
- kdelibs5-data-4.3.2-0ubuntu7.2 (Ubuntu 9.10)
- kdelibs5-dbg-4.3.2-0ubuntu7.2 (Ubuntu 9.10)
- kdelibs5-dev-4.3.2-0ubuntu7.2 (Ubuntu 9.10)
- libplasma-dev-4.2.2-0ubuntu5.4 (Ubuntu 9.04)
- libplasma3-4.3.2-0ubuntu7.2 (Ubuntu 9.10)
Risk factor :
High
|
|---|
| CVE |
NOCVE |
| Bugtraq |
NOBID |
| Copyright |
(C) 2009 Canonical, Inc. / NASL script (C) 2009 Tenable Network Security, Inc. |
|
|