NASLDB: Debian DSA-954-1 : wine - design flaw
General
ID: 22820
Name: Debian DSA-954-1 : wine – design flaw
Summary: Checks dpkg output for the updated package
Credits: –
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Temporal Vector: –
Port: 0
Family: Debian Local Security Checks
Type: Local
Description
H D Moore has discovered that Wine, a free implementation of the
Microsoft Windows APIs, inherits a design flaw from the Windows GDI
API, which may lead to the execution of code through GDI escape
functions in WMF files.
The old stable distribution (woody) does not seem to be affected by
this problem.
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: CVE-2006-0106
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2006/01/05
Patch Release: 2006/01/25
Plugin Release: 2006/10/14
Plugin
Version: 1.11
Filename: debian_DSA-954.nasl
Filesize: 3972 bytes
MD5 Hash: 7fbd693231ac28652c0afc3375b191cb
Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l
Dependencies: "ssh_get_info.nasl"
Copyright: This script is© 2006-2012 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack