Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2013-0131

Опубликовано: 11 янв. 2013
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2013-0131: gnome-vfs2 security and bug fix update (LOW)

[2.16.2-10.el5]

  • Prevent trash applet crashing (#848822)

[2.16.2-9.el5]

  • Prevent deleting items linking out of the trash (#586015)
  • Do not stat every file on an ClearCase mvfs filesystem (#822817)
  • Do not silently skip directory having no read permission during copy (#772307)
  • Allow trashing symlink to filesystem root that does not support trashing (#621394)
  • CVE-2009-2473 gnome-vfs2 embedded neon: billion laughs DoS attack (#540548)

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

gnome-vfs2

2.16.2-10.el5

gnome-vfs2-devel

2.16.2-10.el5

gnome-vfs2-smb

2.16.2-10.el5

Oracle Linux x86_64

gnome-vfs2

2.16.2-10.el5

gnome-vfs2-devel

2.16.2-10.el5

gnome-vfs2-smb

2.16.2-10.el5

Oracle Linux i386

gnome-vfs2

2.16.2-10.el5

gnome-vfs2-devel

2.16.2-10.el5

gnome-vfs2-smb

2.16.2-10.el5

Связанные CVE

CVE-2009-2473

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2009-2473

ubuntu
почти 16 лет назад

neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

redhat логотип

CVE-2009-2473

redhat
почти 16 лет назад

neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

nvd логотип

CVE-2009-2473

nvd
почти 16 лет назад

neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

debian логотип

CVE-2009-2473

debian
почти 16 лет назад

neon before 0.28.6, when expat is used, does not properly detect recur ...

github логотип

GHSA-9vc6-7j3x-7x4v

github
около 3 лет назад

neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

Уязвимость ELSA-2013-0131