Mandriva Update For Mono MDKSA-2007:218 (mono) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

IOActive Inc. found a buffer overflow in Mono.Math.BigInteger class in Mono 1.2.5.1 and previous versions, which allows arbitrary code execution by context-dependent attackers. Updated packages fix this issue.

Affected

mono on Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64, Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64

Severity

Classification

CVE CVE-2007-5197
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:111-1 (firefox)
Mandrake Security Advisory MDVSA-2009:134 (firefox)
Mandrake Security Advisory MDVSA-2009:023 (php)
Mandrake Security Advisory MDVSA-2009:182 (firefox)
Mandrake Security Advisory MDVSA-2009:146 (imap)

Mandriva Update for mono MDKSA-2007:218 (mono)

Take action and discover your vulnerabilities