Vulnerability Solutions

The WatchMouse Periodic Vulnerability Scan checks for the vulnerability below. To see the most recently added vulnerability solutions that are scanned by WatchMouse, go to the Vulnerability Solutions overview.

Category: Gentoo Local Security Checks
Risk factor: Medium
Added: 4 Dec 2008
The remote host is affected by the vulnerability described in GLSA-200812-01
(OptiPNG: User-assisted execution of arbitrary code)


A buffer overflow in the BMP reader in OptiPNG has been reported.

Impact

A remote attacker could entice a user to process a specially crafted BMP image, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service.

Workaround

There is no known workaround at this time.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5101


Solution:
All OptiPNG users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/optipng-0.6.2"

