This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200712-24
(AMD64 x86 emulation GTK+ library: User-assisted execution of arbitrary code)
The Cairo versions used by the AMD64 x86 emulation GTK+ libraries were
vulnerable to integer overflow vulnerabilities (GLSA 200712-04).
A remote attacker could entice a user to view or process a specially
crafted PNG image file in an application linked against Cairo, possibly
leading to the execution of arbitrary code with the privileges of the
user running the application.
There is no known workaround at this time.
See also :
All AMD64 x86 emulation GTK+ library users should upgrade to the latest
# emerge --sync
# emerge --ask --oneshot --verbose '>=app-emulation/emul-linux-x86-gtklibs-20071214'
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false
Family: Gentoo Local Security Checks
Nessus Plugin ID: 29821 (gentoo_GLSA-200712-24.nasl)
Bugtraq ID: 26650