Detections
Analytics
GLSA-201406-28 : Libav: Multiple vulnerabilities
critical Nessus Plugin ID 76272
Language:
Synopsis
The remote Gentoo host is missing one or more security-related patches.Description
The remote host is affected by the vulnerability described in GLSA-201406-28 (Libav: Multiple vulnerabilities)Multiple vulnerabilities have been discovered in Libav. Please review the CVE identifiers referenced below for details.
Impact :
A remote attacker could entice a user to open a specially crafted media file in an application linked against Libav, possibly resulting in execution of arbitrary code with the privileges of the application or a Denial of Service condition.
Workaround :
There is no known workaround at this time.
Solution
All Libav users should upgrade to the latest version:# emerge --sync # emerge --ask --oneshot --verbose '>=media-video/libav-0.8.7' Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying these packages.
See Also
Plugin Details
Severity: Critical
ID: 76272
File Name: gentoo_GLSA-201406-28.nasl
Version: 1.8
Type: local
Family: Gentoo Local Security Checks
Published: 6/27/2014
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:gentoo:linux:libav, cpe:/o:gentoo:linux
Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list
Exploit Ease: No known exploits are available
Patch Publication Date: 6/26/2014
Reference Information
CVE: CVE-2012-2772, CVE-2012-2775, CVE-2012-2776, CVE-2012-2777, CVE-2012-2779, CVE-2012-2783, CVE-2012-2784, CVE-2012-2786, CVE-2012-2787, CVE-2012-2788, CVE-2012-2789, CVE-2012-2790, CVE-2012-2791, CVE-2012-2793, CVE-2012-2794, CVE-2012-2796, CVE-2012-2797, CVE-2012-2798, CVE-2012-2800, CVE-2012-2801, CVE-2012-2802, CVE-2012-2803, CVE-2012-2804, CVE-2012-5144
GLSA: 201406-28