Oracle Linux 3 / 4 : libgsf (ELSA-2007-0011)
High Nessus Plugin ID 67437
SynopsisThe remote Oracle Linux host is missing one or more security updates.
DescriptionFrom Red Hat Security Advisory 2007:0011 :
Updated libgsf packages that fix a buffer overflow flaw are now available.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
The GNOME Structured File Library is a utility library for reading and writing structured file formats.
A heap based buffer overflow flaw was found in the way GNOME Structured File Library processes and certain OLE documents. If an person opened a specially crafted OLE file, it could cause the client application to crash or execute arbitrary code. (CVE-2006-4514)
Users of GNOME Structured File Library should upgrade to these updated packages, which contain a backported patch that resolves this issue.
SolutionUpdate the affected libgsf packages.