Scientific Linux Security Update : raptor on SL6.x i386/x86_64

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.

Synopsis :

The remote Scientific Linux host is missing one or more security

Description :

Raptor provides parsers for Resource Description Framework (RDF)

An XML External Entity expansion flaw was found in the way Raptor
processed RDF files. If an application linked against Raptor were to
open a specially crafted RDF file, it could possibly allow a remote
attacker to obtain a copy of an arbitrary local file that the user
running the application had access to. A bug in the way Raptor handled
external entities could cause that application to crash or, possibly,
execute arbitrary code with the privileges of the user running the
application. (CVE-2012-0037)

All Raptor users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. All running
applications linked against Raptor must be restarted for this update
to take effect.

See also :

Solution :

Update the affected raptor, raptor-debuginfo and / or raptor-devel

Risk factor :

Medium / CVSS Base Score : 4.3

Family: Scientific Linux Local Security Checks

Nessus Plugin ID: 61288 ()

Bugtraq ID:

CVE ID: CVE-2012-0037

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now