|
Family: Debian Local Security Checks --> Category: infos
[DSA1005] DSA-1005-1 xine-lib Vulnerability Scan
Vulnerability Scan Summary DSA-1005-1 xine-lib
Detailed Explanation for this Vulnerability Test
Simon Kilvington discovered that specially crafted PNG images can trigger
a heap overflow in libavcodec, the multimedia library of ffmpeg, which may
lead to the execution of arbitrary code.
xine-lib includes a local copy of libavcodec.
The old stable distribution (woody) isn't affected by this problem.
For the stable distribution (sarge) this problem has been fixed in
version 1.0.1-1sarge2.
For the unstable distribution (sid) this problem has been fixed in
version 1.0.1-1.5.
We recommend that you upgrade your xine-lib package.
Solution : http://www.debian.org/security/2006/dsa-1005
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|