|
Family: Ubuntu Local Security Checks --> Category: infos
USN268-1 : kaffeine vulnerability Vulnerability Scan
Vulnerability Scan Summary kaffeine vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- kaffeine
- kaffeine-gstreamer
- kaffeine-xine
Description :
Marcus Meissner discovered a buffer overflow in the http_peek()
function. By tricking an user into opening a specially crafted
playlist URL with Kaffeine, a remote attacker could exploit this to
execute arbitrary code with the user's rights.
Solution :
Upgrade to :
- kaffeine-0.7-0ubuntu4.1 (Ubuntu 5.10)
- kaffeine-gstreamer-0.7-0ubuntu4.1 (Ubuntu 5.10)
- kaffeine-xine-0.7-0ubuntu4.1 (Ubuntu 5.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|