[FEDORA-2007-0001] Fedora 7: mutt, libpng10, jasper, libexif, devhelp & 2 more
Severity
High
Affected Packages
7
CVEs
12
This update fixes two security issues:
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. (CVE-2007-1558)
Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion. (CVE-2007-2683)
Package | Affected Version |
---|---|
pkg:rpm/fedora/yelp?distro=fedora-7 | < 2.18.1.4.fc7 |
pkg:rpm/fedora/mutt?distro=fedora-7 | < 1.5.14.4.fc7 |
pkg:rpm/fedora/libpng10?distro=fedora-7 | < 1.0.26.1.fc7.1 |
pkg:rpm/fedora/libexif?distro=fedora-7 | < 0.6.15.1.fc7 |
pkg:rpm/fedora/jasper?distro=fedora-7 | < 1.900.1.2.fc7 |
pkg:rpm/fedora/firefox?distro=fedora-7 | < 2.0.0.4.1.fc7 |
pkg:rpm/fedora/devhelp?distro=fedora-7 | < 0.13.8.fc7 |
- ID
- FEDORA-2007-0001
- Severity
- high
- Severity from
- CVE-2007-2645
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2007-0001
- Published
-
2007-05-31T18:07:48
(17 years ago) - Modified
-
2007-05-31T18:07:48
(17 years ago) - Rights
- Copyright 2007 Red Hat, Inc.
- Other Advisories
-
- ELSA-2007-0344
- ELSA-2007-0356
- ELSA-2007-0385
- ELSA-2007-0386
- ELSA-2007-0400
- ELSA-2009-0012
- ELSA-2009-1140
- FEDORA-2007-0414
- FEDORA-2007-0544
- FEDORA-2007-1447
- FEDORA-2007-2521
- FEDORA-2007-2666
- FEDORA-2007-4608
- FEDORA-2007-528
- FEDORA-2007-529
- FEDORA-2007-539
- FEDORA-2007-540
- FEDORA-2007-548
- FEDORA-2007-549
- FEDORA-2007-550
- FEDORA-2007-551
- FEDORA-2007-552
- FEDORA-2007-554
- FEDORA-2008-3979
- FEDORA-2008-4947
- FREEBSD:4CB9C513-03EF-11DC-A51D-0019B95D4F14
- FREEBSD:863F95D3-3DF1-11DC-B3D3-0016179B2DD5
- FREEBSD:C389D06D-EE57-11DB-BD51-0016179B2DD5
- FREEBSD:F1C4D133-E6D3-11DB-99EA-0060084A00E5
- GLSA-200705-24
- GLSA-200706-01
- GLSA-200706-06
- GLSA-201412-11
- SSA:2007-136-01
- USN-443-1
- USN-468-1
- USN-469-1
- USN-471-1
- USN-472-1
- USN-501-1
- USN-501-2
- USN-520-1
- VU:609956
- VU:684664
- VU:751636
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/yelp?distro=fedora-7 | fedora | yelp | < 2.18.1.4.fc7 | fedora-7 | ||
Affected | pkg:rpm/fedora/mutt?distro=fedora-7 | fedora | mutt | < 1.5.14.4.fc7 | fedora-7 | ||
Affected | pkg:rpm/fedora/libpng10?distro=fedora-7 | fedora | libpng10 | < 1.0.26.1.fc7.1 | fedora-7 | ||
Affected | pkg:rpm/fedora/libexif?distro=fedora-7 | fedora | libexif | < 0.6.15.1.fc7 | fedora-7 | ||
Affected | pkg:rpm/fedora/jasper?distro=fedora-7 | fedora | jasper | < 1.900.1.2.fc7 | fedora-7 | ||
Affected | pkg:rpm/fedora/firefox?distro=fedora-7 | fedora | firefox | < 2.0.0.4.1.fc7 | fedora-7 | ||
Affected | pkg:rpm/fedora/devhelp?distro=fedora-7 | fedora | devhelp | < 0.13.8.fc7 | fedora-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |