Gentoo Security Advisory GLSA 201204-05 (SWFTools) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201204-05.

Solution

Gentoo discontinued support for SWFTools. We recommend that users unmerge swftools: # emerge --unmerge 'media-gfx/swftools' NOTE: Users could upgrade to ' > =media-gfx/swftools-0.9.1', however these packages are not currently stable. http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201204-05 http://bugs.gentoo.org/show_bug.cgi?id=332649

Insight

A heap-based buffer overflow in SWFTools could result in the execution of arbitrary code.

Severity

Classification

CVE CVE-2010-1516

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200404-03 (tcpdump)
Gentoo Security Advisory GLSA 200408-22 (mozilla)
Gentoo Security Advisory GLSA 200407-11 (app-text/wv)
Gentoo Security Advisory GLSA 200312-03 (rsync)
Gentoo Security Advisory GLSA 200405-14 (subversion)

Take action and discover your vulnerabilities