Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2012.0173
A vulnerability has been identified in Gnome Structured File
library within Solaris 10
13 December 2012
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: libgsf
Operating System: Solaris
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2006-4514
Member content until: Saturday, January 12 2013
Reference: ESB-2007.0025
ESB-2006.0878
ESB-2006.0877
OVERVIEW
A vulnerability has been identified in Gnome Structured File library
(libgsf), a third-party component of Solaris 10.
IMPACT
The vendor has provided the following details regarding this
vulnerability:
"CVE-2006-4514 Improper Restriction of Operations within the Bounds
of a Memory Buffer vulnerability" [1]
MITIGATION
The vendor recommends applying the appropriate patch to correct
this issue. [1]
REFERENCES
[1] CVE-2006-4514 Buffer overflow vulnerability in Gnome Structured
File library (libgsf)
https://blogs.oracle.com/sunsecurity/entry/cve_2006_4514_buffer_overflow
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBUMkvCu4yVqjM2NGpAQLIng/+KH3qmH7cRuWb+1OX85kpl5qxulVdKxGb
obyFhEkIDzGQdhJw+Fq+41cLpAi4b90BZ+GtuhFB0+sAoUS+ZguATw0JqEQAFbqZ
yvAwLJoNpRFObheH55n4PL5cNJFihPpLSV4ydSt8OyCL7uO8+3GSnr8fUU/apibe
YndzAELXfhwNt9lufgq7tSdpvCPlquiaRD9FOmF6ungJDJilgqYgNcYfcAYWCF/o
lZ66AlY/9wURTmjtouPu/VGO/SJFtZHv3ULHbD5jtIefHeHUZRhv9nuN6H78cmN2
tKpI2mToKgbOcHdQ65dwvKw+qJ54Umn0zJeqGbquSxABvPJ8qhaP9ZeeSTAxX8Ab
u+h6Q6Peb7Ju7fou65y2dHgW574pDPwuj9jWLsu6LSonh5Z06mbVE8E+1is4TxBF
3Y2yDohRvTzKqbDmSqT6akBrwH2cKVbIHn2iYpw5laPD3v5zL+a28NebXibsp3B6
DhLeOBjU+AlZJV9+nIul4kaNMh106b3baWTpLIYslHGiZqWTwOfZBz6D+kmiVBFQ
hH/ykwVznNn/mJpIFHnNPNoxh5BUCUnywVE/P93xo0OJMOVJK+cqlSmMmCqBUrSY
ilVhSGEdrouEyLsWKdhCpjm6hn1JoPsqpImebbSOCY6aTRoSBZzo/2S8hkLSYuYy
gE9Ix91amD8=
=X+/U
-----END PGP SIGNATURE-----