Fedora 11 : webkitgtk-1.1.8-1.fc11 (2009-6166)

This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

WebKitGTK+ 1.1.8 contains many bug-fixes and updates including
spell-checking support, enhanced error reporting, lots of ATK
enhancements, support for copying images to the clipboard, and a new
printing API (since 1.1.5) that allows applications better control and
monitoring of the printing process. Also, a potential buffer overflow
in SVGList::insertItemBefore has been fixed (CVE-2009-0945); and the
JIT compiler is now enabled by default for x86_64 systems. Please see
the upstream changelog for the full list of fixes and enhancements:
http://svn.webkit.org/repository/webkit/trunk/WebKit/gtk/NEWS

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://svn.webkit.org/repository/webkit/trunk/WebKit/gtk/NEWS
https://bugzilla.redhat.com/show_bug.cgi?id=443048
https://bugzilla.redhat.com/show_bug.cgi?id=484335
https://bugzilla.redhat.com/show_bug.cgi?id=502673
http://www.nessus.org/u?81703ee6

Solution :

Update the affected webkitgtk package.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 39771 (fedora_2009-6166.nasl)

Bugtraq ID: 34924

CVE ID: CVE-2009-0945

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now