Executive Summary
| Summary | |
|---|---|
| Title | libgsf vulnerability |
| Informations | |||
|---|---|---|---|
| Name | USN-391-1 | First vendor Publication | 2006-12-04 |
| Vendor | Ubuntu | Last vendor Modification | 2006-12-04 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: Ubuntu 6.06 LTS: Ubuntu 6.10: After a standard system upgrade you need to restart your desktop session to effect the necessary changes. Details follow: A heap overflow was discovered in the OLE processing code in libgsf. If a user were tricked into opening a specially crafted OLE document, an attacker could execute arbitrary code with the user's privileges. |
Original Source
| Url : http://www.ubuntu.com/usn/USN-391-1 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:9413 | |||
| Oval ID: | oval:org.mitre.oval:def:9413 | ||
| Title: | Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (libgsf) 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large num_metabat value in an OLE document, which causes the ole_init_info function to allocate insufficient memory. | ||
| Description: | Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (libgsf) 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large num_metabat value in an OLE document, which causes the ole_init_info function to allocate insufficient memory. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2006-4514 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 4 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-10-10 | Name : SLES9: Security update for libgsf File : nvt/sles9p5011227.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200612-13 (libgsf) File : nvt/glsa_200612_13.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 1221-1 (libgsf) File : nvt/deb_1221_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 31702 | GNOME Structured File Library (libgsf) ole_info_read_metabat() Function Overflow |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0011.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_11342.nasl - Type : ACT_GATHER_INFO |
| 2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libgsf-2363.nasl - Type : ACT_GATHER_INFO |
| 2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-391-1.nasl - Type : ACT_GATHER_INFO |
| 2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_libgsf-2364.nasl - Type : ACT_GATHER_INFO |
| 2007-02-18 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-220.nasl - Type : ACT_GATHER_INFO |
| 2007-02-18 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2006_076.nasl - Type : ACT_GATHER_INFO |
| 2007-01-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0011.nasl - Type : ACT_GATHER_INFO |
| 2007-01-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0011.nasl - Type : ACT_GATHER_INFO |
| 2006-12-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200612-13.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 12:04:00 |
|
