Family: Slackware Local Security Checks --> Category: infos
SSA-2005-283-01 xine-lib Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
New xine-lib packages are available for Slackware 9.1, 10.0, 10.1, 10.2,
and -current to fix a security issue. A format string bug may allow the
execution of arbitrary code as the user running a xine-lib linked
application. The attacker must provide (by uploading or running a server)
specially crafted CDDB information and then get the user to play the
referenced audio CD.
The official Xine advisory may be found here:
Click HERE for more information and discussions on this network vulnerability scan.