|
Family: Ubuntu Local Security Checks --> Category: infos
USN42-1 : xine-lib vulnerabilities Vulnerability Scan
Vulnerability Scan Summary xine-lib vulnerabilities
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- libxine-dev
- libxine1
Description :
Several buffer overflows have been discovered in xine-lib, the
video/audio codec library for Xine frontends (xine-ui, totem-xine,
kaffeine, and others). If a possible hacker tricked a user into loading a
malicious RTSP stream or a stream with specially crafted AIFF audio or
PNM image data, they could exploit this to execute arbitrary code with
the rights of the user opening the audio/video file.
Solution :
Upgrade to :
- libxine-dev-1-rc5-1ubuntu2.1 (Ubuntu 4.10)
- libxine1-1-rc5-1ubuntu2.1 (Ubuntu 4.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|