oval:org.mitre.oval:def:13369

Definition Id: oval:org.mitre.oval:def:13369
 
Oval ID: oval:org.mitre.oval:def:13369
Title: DSA-1854-1 apr, apr-util -- heap buffer overflow
Description: Matt Lewis discovered that the memory management code in the Apache Portable Runtime library does not guard against a wrap-around during size computations. This could cause the library to return a memory area which smaller than requested, resulting a heap overflow and possibly arbitrary code execution. For the old stable distribution, this problem has been fixed in version 1.2.7-9 of the apr package, and version 1.2.7+dfsg-2+etch3 of the apr-util package. For the stable distribution, this problem has been fixed in version 1.2.12-5+lenny1 of the apr package and version 1.2.12-5+lenny1 of the apr-util package. For the unstable distribution, this problem will be fixed soon. We recommend that you upgrade your APR packages.
Family: unix Class: patch
Reference(s): DSA-1854-1
CVE-2009-2412
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): apr
apr-util
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6513
 
Oval ID: oval:org.mitre.oval:def:6513
Title: Debian GNU/Linux 5.0 is installed
Description: Debian GNU/Linux 5.0 (lenny) is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/linux:5.0
Version: 7
Platform(s): Debian GNU/Linux 5.0
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13369
Definition Id: oval:org.mitre.oval:def:6461
 
Oval ID: oval:org.mitre.oval:def:6461
Title: Debian GNU/Linux 4.0 is installed.
Description: Debian GNU/Linux 4.0 (etch) is installed
Family: unix Class: inventory
Reference(s): cpe:/o:debian:debian_gnu/linux:4.0
Version: 9
Platform(s): Debian GNU/Linux 4.0
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13369