NASLDB: SuSE Security Update: newt: fixing a heap overflow (CVE-2009-2905) (libnewt0_52-6504)
General
ID: 42325
Name: SuSE Security Update: newt: fixing a heap overflow (CVE-2009-2905) (libnewt0_52-6504)
Summary: Check for the libnewt0_52-6504 package
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS Temporal Vector: –
Port: 0
Family: SuSE Local Security Checks
Type: –
Description
A heap-based buffer overflow was found in the way newt used
to process content, to be rendered in text dialog box.
Local attacker could issue a specially-crafted text dialog
box rendering request (direct or via custom application),
leading to denial of service (application crash) or,
potentially, to execution of arbitrary code with the
privileges of the user running the application.
CVE-2009-2905 has been assigned to this issue.
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: CVE-2009-2905
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: –
Plugin Release: 2009/10/30
Plugin
Version: 1.5
Filename: suse_libnewt0_52-6504.nasl
Filesize: 2475 bytes
MD5 Hash: 6487e98a6a85246d018d595de5b02b35
Identification: Host/SuSE/rpm-list
Require Keys: Host/SuSE/rpm-list
Dependencies: "ssh_get_info.nasl"
Copyright: This script is Copyright© 2009-2010 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack