Oval Definition:	oval:org.mitre.oval:def:21815
Revision Date: 2014-02-24 Version: 11 Title: RHSA-2010:0018: dbus security update (Moderate) Description: The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus) before 1.2.14 uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834. Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2010:0018 CVE-2009-1189 RHSA-2010:0018-01 Platform(s): CentOS Linux 5 Red Hat Enterprise Linux 5 Product(s): dbus Definition Synopsis Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 OR The operating system installed on the system is CentOS Linux 5.x AND Packages section dbus-x11 is earlier than 0:1.1.2-12.el5_4.1 OR dbus-devel is earlier than 0:1.1.2-12.el5_4.1 OR dbus is earlier than 0:1.1.2-12.el5_4.1 OR dbus-libs is earlier than 0:1.1.2-12.el5_4.1
BACK