Lucene search
Copyright (C) 2009 Greenbone Networks GmbHOPENVAS:1361412562310830287HistoryApr 09, 2009 - 12:00 a.m.
Mandriva Update for kdelibs MDKSA-2007:076 (kdelibs)
2009-04-0900:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
5
0.005 Low
EPSS
Percentile
73.7%
Check for the Version of kdelibs
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for kdelibs MDKSA-2007:076 (kdelibs)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "A bug was discovered in KJS where UTF8 decoding did not reject
overlong sequences. This vulnerability is similar to that discovered
by Andreas Nolden in QT3 and QT4, but at this current time there is
no known exploit for this issue.
Updated packages have been patched to address this issue.";
tag_affected = "kdelibs on Mandriva Linux 2007.0,
Mandriva Linux 2007.0/X86_64";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2007-04/msg00002.php");
script_oid("1.3.6.1.4.1.25623.1.0.830287");
script_version("$Revision: 9370 $");
script_tag(name:"last_modification", value:"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $");
script_tag(name:"creation_date", value:"2009-04-09 13:53:01 +0200 (Thu, 09 Apr 2009)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_xref(name: "MDKSA", value: "2007:076");
script_cve_id("CVE-2007-0242");
script_name( "Mandriva Update for kdelibs MDKSA-2007:076 (kdelibs)");
script_tag(name:"summary", value:"Check for the Version of kdelibs");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "MNDK_2007.0")
{
if ((res = isrpmvuln(pkg:"kdelibs-common", rpm:"kdelibs-common~3.5.4~19.5mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kdelibs-devel-doc", rpm:"kdelibs-devel-doc~3.5.4~19.5mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libkdecore4", rpm:"libkdecore4~3.5.4~19.5mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libkdecore4-devel", rpm:"libkdecore4-devel~3.5.4~19.5mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kdelibs", rpm:"kdelibs~3.5.4~19.5mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64kdecore4", rpm:"lib64kdecore4~3.5.4~19.5mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64kdecore4-devel", rpm:"lib64kdecore4-devel~3.5.4~19.5mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Related
nessus
nessus
Slackware 10.2 / 11.0 / current : qt (SSA:2007-093-03)
2007-04-05 00:00:00
SuSE 10 Security Update : Qt3 (ZYPP Patch Number 3052)
2007-12-13 00:00:00
Mandrake Linux Security Advisory : qt3 (MDKSA-2007:074)
2009-04-23 00:00:00
prion
prion
Cross site scripting
2007-04-03 16:19:00
openvas
openvas
Mandriva Update for qt4 MDKSA-2007:075-1 (qt4)
2009-04-09 00:00:00
Mandriva Update for kdelibs MDKSA-2007:076 (kdelibs)
2009-04-09 00:00:00
Mandriva Update for qt3 MDKSA-2007:074 (qt3)
2009-04-09 00:00:00
securityvulns
securityvulns
QT / KJS UTF-8 decoding security vulnerability
2007-04-05 00:00:00
ubuntu
ubuntu
KDE library vulnerability
2007-04-11 00:00:00
debian
debian
ubuntucve
ubuntucve
CVE-2007-0242
2007-04-03 00:00:00
debiancve
debiancve
CVE-2007-0242
2007-04-03 16:19:00
cve
cve
CVE-2007-0242
2007-04-03 16:19:00
slackware
slackware
[slackware-security] qt
2007-04-03 23:23:35
veracode
veracode
Cross-site Scripting (XSS)
2020-04-10 00:17:41
redhat
redhat
(RHSA-2011:1324) Moderate: qt4 security update
2011-09-21 00:00:00
(RHSA-2007:0883) Important: qt security update
2007-09-13 00:00:00
(RHSA-2007:0909) Moderate: kdelibs security update
2007-10-08 00:00:00
oraclelinux
oraclelinux
Important: qt security update
2007-09-13 00:00:00
qt4 security update
2011-09-21 00:00:00
Moderate: kdelibs security update
2007-10-08 00:00:00
centos
centos
qt security update
2007-09-13 18:50:19
qt security update
2007-09-14 01:30:43
qt4 security update
2011-09-22 03:19:27
fedora
fedora
[SECURITY] Fedora Core 6 Update: qt-3.3.8-2.fc6
2007-09-18 22:38:37