Gentoo Security Advisory GLSA 200407-11 (app-text/wv) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200407-11.

Solution

All users should upgrade to the latest available version. # emerge sync # emerge -pv '>=app-text/wv-1.0.0-r1' # emerge '>=app-text/wv-1.0.0-r1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200407-11 http://bugs.gentoo.org/show_bug.cgi?id=56595 http://www.idefense.com/application/poi/display?id=115&type=vulnerabilities&flashstatus=true

Insight

A buffer overflow vulnerability exists in the wv library that can allow an attacker to execute arbitrary code with the privileges of the user running the vulnerable application.

Severity

Classification

CVE CVE-2004-0645
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200407-06 (libpng)
Gentoo Security Advisory GLSA 200312-04 (CVS)
Gentoo Security Advisory GLSA 200403-14 (app-admin/monit)
Gentoo Security Advisory GLSA 200407-16 (Kernel)
Gentoo Security Advisory GLSA 200406-09 (net-www/horde-chora)

Take action and discover your vulnerabilities