Solution
Please Install the Updated Packages.
Insight
Newt is a programming library for color text mode, widget-based user interfaces. Newt can be used to add stacked windows, entry widgets, checkboxes, radio buttons, labels, plain text fields, scrollbars, and so on, to text mode user interfaces.
A heap-based buffer overflow flaw was found in the way newt processes content that is to be displayed in a text dialog box. A local attacker could issue a specially-crafted text dialog box display request (direct or via a custom application), leading to a denial of service (application crash) or, potentially, arbitrary code execution with the privileges of the user running the application using the newt library. (CVE-2009-2905)
Users of newt should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, all applications using the newt library must be restarted for the update to take effect.
Affected
newt on CentOS 3
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-2905 -
CVSS Base Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities