kdelibs-3.5.5-11.24AXS3
Errata ID: AXSA:2009-74:01
Release date:
2009/07/09 Thursday - 11:30
Title:
kdelibs-3.5.5-11.24AXS3
Affected channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
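The following issues have been addressed.
[Security Fix]
- The JavaScript garbage collector in WebKit does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. (CVE-2009-1687)
- WebKit contains a use-after-free vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2009-1690)
- WebKit does not initialize a pointer when handling the CSS attr function, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. (CVE-2009-1698)
The translated text for some of these CVEs is quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the packages.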
CVE:
CVE-2009-1687
The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an "offset of a NULL pointer."
CVE-2009-1690
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers."
CVE-2009-1698
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.
Additional information:
N/A
Download:
SRPMS
- kdelibs-3.5.5-11.24AXS3.src.rpm
MD5: 71f46b5cae0f83b1289c49035d68d1f9
SHA-256: 95f900bb81fb59ac5f46e4cab460042ac307480048a3a15f20a79734d765b55e
Size: 14.93 MB
Asianux Server 3 for x86
- kdelibs-3.5.5-11.24AXS3.i386.rpm
MD5: a2b51ee768c7b9fb8781c362fd84b2ce
SHA-256: df0e9dcc69570b8914cdf3407036e3b297b1b6b92cb82406fd272392ddfdc9ef
Size: 13.05 MB
- kdelibs-devel-3.5.5-11.24AXS3.i386.rpm
MD5: ded6a64321da816a3844fd97c11b8d36
SHA-256: 146192ef002691afb9717abde396cf912003aad0ffe7747eb80211f3cfebc58b
Size: 1.34 MB
Asianux Server 3 for x86_64
- kdelibs-3.5.5-11.24AXS3.x86_64.rpm
MD5: efa571388756e2a2b37267048f46309a
SHA-256: 8b8f45f8f5b532c61ef0dca9289f2306d53c9f8a2952505dfc0fc1e057427866
Size: 13.16 MB
- kdelibs-devel-3.5.5-11.24AXS3.x86_64.rpm
MD5: 7f07b87c9cf05dcc865f747d41650e81
SHA-256: 3c5a4864b237ab503f678d0115bda94c42637829772ad7522b9046f504a3ca34
Size: 1.34 MB