|
Family: Ubuntu Local Security Checks --> Category: infos
USN123-1 : xine-lib vulnerabilities Vulnerability Scan
Vulnerability Scan Summary xine-lib vulnerabilities
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- libxine-dev
- libxine1
Description :
Two buffer overflows have been discovered in the MMS and Real RTSP
stream handlers of the Xine library. By tricking a user to connect to
a malicious MMS or RTSP video/audio stream source with an application
that uses this library, a possible hacker could crash the client and
possibly even execute arbitrary code with the rights of the player
application.
Solution :
Upgrade to :
- libxine-dev-1.0-1ubuntu3.1 (Ubuntu 5.04)
- libxine1-1.0-1ubuntu3.1 (Ubuntu 5.04)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|