Advisories ยป MGASA-2013-0268

Updated libdigidoc packages fix CVE-2013-5648

Publication date: 30 Aug 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-5648

Description

Updated libdigidoc packages fix security vulnerability:

Fixed one critical bug in the DDOC parsing routines. By persuading a victim to
open a specially-crafted DDOC file, a remote attacker could exploit this
vulnerability to overwrite arbitrary files on the system with the privileges
of the victim (CVE-2013-5648).
                

References

SRPMS

3/core

2/core