oval:org.mitre.oval:def:7206

Definition Id: oval:org.mitre.oval:def:7206

Oval ID:	oval:org.mitre.oval:def:7206
Title:	DSA-1684 lcms -- multiple vulnerabilities
Description:	Two vulnerabilities have been found in lcms, a library and set of commandline utilities for image color management. The Common Vulnerabilities and Exposures project identifies the following problems: Inadequate enforcement of fixed-length buffer limits allows an attacker to overflow a buffer on the stack, potentially enabling the execution of arbitrary code when a maliciously-crafted image is opened. An integer sign error in reading image gamma data could allow an attacker to cause an under-sized buffer to be allocated for subsequent image data, with unknown consequences potentially including the execution of arbitrary code if a maliciously-crafted image is opened.
Family:	unix	Class:	patch
Reference(s):	DSA-1684 CVE-2008-5316 CVE-2008-5317	Version:	3
Platform(s):	Debian GNU/Linux 4.0	Product(s):	lcms
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Packages section liblcms1-dev is earlier than 1.15-1.1+etch1 AND liblcms-utils is earlier than 1.15-1.1+etch1 AND liblcms1 is earlier than 1.15-1.1+etch1

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:7206