Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:085: xine-ui Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the xine-ui package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:085 (xine-ui).
Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine allow
remote attackers to execute arbitrary code via format string specifiers in
a long filename on an EXTINFO line in a playlist file.
Packages have been patched to correct this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:085
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.