{"cve": [{"lastseen": "2016-09-03T10:04:52", "references": ["https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00395.html", "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00442.html", "http://bugs.gentoo.org/show_bug.cgi?id=209106", "http://security.gentoo.org/glsa/glsa-200802-12.xml", "http://www.vupen.com/english/advisories/2008/0406/references", "http://www.securityfocus.com/archive/1/archive/1/487501/100/0/threaded", "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html", "https://bugzilla.redhat.com/show_bug.cgi?id=431541", "http://security.gentoo.org/glsa/glsa-200803-16.xml", "http://www.ubuntu.com/usn/usn-635-1", "http://www.mplayerhq.hu/design7/news.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2008:046", "http://sourceforge.net/project/shownotes.php?group_id=9655&release_id=574735", "http://www.coresecurity.com/?action=item&id=2103", "http://www.debian.org/security/2008/dsa-1536", "http://securityreason.com/securityalert/3608", "http://www.mandriva.com/security/advisories?name=MDVSA-2008:045", "http://www.securityfocus.com/bid/27441", "http://www.vupen.com/english/advisories/2008/0421", "http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060033.html", "http://bugs.xine-project.org/show_bug.cgi?id=38", "http://www.debian.org/security/2008/dsa-1496"], "edition": 1, "description": "Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.", "reporter": "NVD", "published": "2008-02-05T07:00:00", "type": "cve", "title": "CVE-2008-0486", "enchantments": {"score": {"modified": "2016-09-03T10:04:52", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2008-0486"], "scanner": [], "modified": "2011-03-07T22:04:47", "cpe": ["cpe:/a:mplayer:mplayer:1.02rc2", "cpe:/a:xine:xine-lib:1.1.10"], "id": "CVE-2008-0486", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0486", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-01T23:42:06", "references": ["http://www.nessus.org/u?e154db68", "https://bugzilla.redhat.com/show_bug.cgi?id=431541", "http://www.nessus.org/u?7855ae4b"], "pluginID": "31068", "description": "- Fri Feb 8 2008 Ville Skytta <ville.skytta at iki.fi> - 1.1.10.1-1 - 1.1.10.1 (security update, #431541). * Sun Jan 27 2008 Ville Skytta <ville.skytta at iki.fi> - 1.1.10-2 - Include spu, spucc, and spucmml decoders (#213597). Upstream release notes:\n http://sourceforge.net/project/shownotes.php?group_id=96 55&release_id=574735\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2008-02-14T00:00:00", "title": "Fedora 8 : xine-lib-1.1.10.1-1.fc8 (2008-1543)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2015-10-21T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:8", "p-cpe:/a:fedoraproject:fedora:xine-lib"], "id": "FEDORA_2008-1543.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31068", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-1543.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31068);\n script_version (\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2015/10/21 22:13:37 $\");\n\n script_cve_id(\"CVE-2008-0486\");\n script_bugtraq_id(27441);\n script_xref(name:\"FEDORA\", value:\"2008-1543\");\n\n script_name(english:\"Fedora 8 : xine-lib-1.1.10.1-1.fc8 (2008-1543)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri Feb 8 2008 Ville Skytta <ville.skytta at iki.fi> -\n 1.1.10.1-1 - 1.1.10.1 (security update, #431541). * Sun\n Jan 27 2008 Ville Skytta <ville.skytta at iki.fi> -\n 1.1.10-2 - Include spu, spucc, and spucmml decoders\n (#213597). Upstream release notes:\n http://sourceforge.net/project/shownotes.php?group_id=96\n 55&release_id=574735\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://sourceforge.net/project/shownotes.php?group_id=9655&release_id=574735\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7855ae4b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=431541\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007776.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e154db68\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xine-lib package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"xine-lib-1.1.10.1-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xine-lib\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:00:40", "references": ["http://www.nessus.org/u?f14f2d0f", "http://www.nessus.org/u?bb147f0f"], "pluginID": "31304", "description": "xine Team reports :\n\nA new xine-lib version is now available. This release contains a security fix (array index vulnerability which may lead to a stack buffer overflow.", "edition": 4, "reporter": "Tenable", "published": "2008-02-28T00:00:00", "title": "FreeBSD : libxine -- buffer overflow vulnerability (e8a6a16d-e498-11dc-bb89-000bcdc1757a)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2013-08-09T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:libxine"], "id": "FREEBSD_PKG_E8A6A16DE49811DCBB89000BCDC1757A.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31304", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31304);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2013/08/09 10:50:39 $\");\n\n script_cve_id(\"CVE-2008-0486\");\n\n script_name(english:\"FreeBSD : libxine -- buffer overflow vulnerability (e8a6a16d-e498-11dc-bb89-000bcdc1757a)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"xine Team reports :\n\nA new xine-lib version is now available. This release contains a\nsecurity fix (array index vulnerability which may lead to a stack\nbuffer overflow.\"\n );\n # http://www.xinehq.de/index.php/news\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f14f2d0f\"\n );\n # http://www.freebsd.org/ports/portaudit/e8a6a16d-e498-11dc-bb89-000bcdc1757a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bb147f0f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxine\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libxine<1.1.10.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:33:52", "references": ["http://support.novell.com/security/cve/CVE-2008-0486.html"], "pluginID": "31460", "description": "This update of xine fixes a possible buffer overflow that can be triggered via FLAC tags to execute arbitrary code (CVE-2008-0486) and a possible buffer overflow in the matroska demuxer.", "edition": 4, "reporter": "Tenable", "published": "2008-03-13T00:00:00", "title": "SuSE 10 Security Update : xine (ZYPP Patch Number 5080)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2012-05-17T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_XINE-DEVEL-5080.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31460", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31460);\n script_version (\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2012/05/17 11:27:19 $\");\n\n script_cve_id(\"CVE-2008-0486\");\n\n script_name(english:\"SuSE 10 Security Update : xine (ZYPP Patch Number 5080)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of xine fixes a possible buffer overflow that can be\ntriggered via FLAC tags to execute arbitrary code (CVE-2008-0486) and\na possible buffer overflow in the matroska demuxer.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-0486.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5080.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"xine-devel-1.1.1-24.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"xine-lib-1.1.1-24.29\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"xine-lib-32bit-1.1.1-24.29\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:44:12", "references": [], "pluginID": "31459", "description": "This update of xine fixes a possible buffer overflow that can be triggered via FLAC tags to execute arbitrary code (CVE-2008-0486) and a possible buffer overflow in the matroska demuxer.", "edition": 5, "reporter": "Tenable", "published": "2008-03-13T00:00:00", "title": "openSUSE 10 Security Update : xine-devel (xine-devel-5078)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2018-07-19T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:xine-devel", "p-cpe:/a:novell:opensuse:xine-ui", "cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:xine-ui-32bit", "p-cpe:/a:novell:opensuse:xine-lib", "p-cpe:/a:novell:opensuse:xine-lib-32bit", "p-cpe:/a:novell:opensuse:xine-extra"], "id": "SUSE_XINE-DEVEL-5078.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31459", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update xine-devel-5078.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31459);\n script_version (\"1.7\");\n script_cvs_date(\"Date: 2018/07/19 23:54:24\");\n\n script_cve_id(\"CVE-2008-0486\");\n\n script_name(english:\"openSUSE 10 Security Update : xine-devel (xine-devel-5078)\");\n script_summary(english:\"Check for the xine-devel-5078 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of xine fixes a possible buffer overflow that can be\ntriggered via FLAC tags to execute arbitrary code (CVE-2008-0486) and\na possible buffer overflow in the matroska demuxer.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xine-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xine-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xine-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xine-lib-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xine-ui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xine-ui-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"xine-devel-1.1.1-24.29\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"xine-extra-1.1.1-24.29\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"xine-lib-1.1.1-24.29\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"xine-ui-0.99.4-32.25\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"xine-lib-32bit-1.1.1-24.29\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"xine-devel-1.1.2-40.7\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"xine-extra-1.1.2-40.7\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"xine-lib-1.1.2-40.7\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"xine-ui-0.99.4-84.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"xine-lib-32bit-1.1.2-40.7\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"xine-ui-32bit-0.99.4-84.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xine-lib\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:41", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=431541", "http://www.nessus.org/u?7855ae4b", "http://www.nessus.org/u?c37a6482"], "pluginID": "31072", "description": "- Fri Feb 8 2008 Ville Skytta <ville.skytta at iki.fi> - 1.1.10.1-1 - 1.1.10.1 (security update, #431541). * Sun Jan 27 2008 Ville Skytta <ville.skytta at iki.fi> - 1.1.10-2 - Include spu, spucc, and spucmml decoders (#213597). Upstream release notes:\n http://sourceforge.net/project/shownotes.php?group_id=96 55&release_id=574735\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2008-02-14T00:00:00", "title": "Fedora 7 : xine-lib-1.1.10.1-1.fc7 (2008-1581)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2015-10-21T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:7", "p-cpe:/a:fedoraproject:fedora:xine-lib"], "id": "FEDORA_2008-1581.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31072", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-1581.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31072);\n script_version (\"$Revision: 1.14 $\");\n script_cvs_date(\"$Date: 2015/10/21 22:13:37 $\");\n\n script_cve_id(\"CVE-2008-0486\");\n script_bugtraq_id(27441);\n script_xref(name:\"FEDORA\", value:\"2008-1581\");\n\n script_name(english:\"Fedora 7 : xine-lib-1.1.10.1-1.fc7 (2008-1581)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri Feb 8 2008 Ville Skytta <ville.skytta at iki.fi> -\n 1.1.10.1-1 - 1.1.10.1 (security update, #431541). * Sun\n Jan 27 2008 Ville Skytta <ville.skytta at iki.fi> -\n 1.1.10-2 - Include spu, spucc, and spucmml decoders\n (#213597). Upstream release notes:\n http://sourceforge.net/project/shownotes.php?group_id=96\n 55&release_id=574735\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://sourceforge.net/project/shownotes.php?group_id=9655&release_id=574735\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7855ae4b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=431541\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-February/007823.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c37a6482\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xine-lib package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"xine-lib-1.1.10.1-1.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xine-lib\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:10:33", "references": ["https://security.gentoo.org/glsa/200802-12"], "pluginID": "31295", "description": "The remote host is affected by the vulnerability described in GLSA-200802-12 (xine-lib: User-assisted execution of arbitrary code)\n\n Damian Frizza and Alfredo Ortega (Core Security Technologies) discovered a stack-based buffer overflow within the open_flac_file() function in the file demux_flac.c when parsing tags within a FLAC file (CVE-2008-0486). A buffer overflow when parsing ASF headers, which is similar to CVE-2006-1664, has also been discovered (CVE-2008-1110).\n Impact :\n\n A remote attacker could entice a user to play specially crafted FLAC or ASF video streams with a player using xine-lib, potentially resulting in the execution of arbitrary code with the privileges of the user running the player.\n Workaround :\n\n There is no known workaround at this time.", "edition": 6, "reporter": "Tenable", "published": "2008-02-27T00:00:00", "title": "GLSA-200802-12 : xine-lib: User-assisted execution of arbitrary code", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486", "CVE-2008-1110", "CVE-2006-1664"], "modified": "2018-08-10T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:xine-lib"], "id": "GENTOO_GLSA-200802-12.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31295", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200802-12.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31295);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/08/10 18:07:07\");\n\n script_cve_id(\"CVE-2006-1664\", \"CVE-2008-0486\", \"CVE-2008-1110\");\n script_xref(name:\"GLSA\", value:\"200802-12\");\n\n script_name(english:\"GLSA-200802-12 : xine-lib: User-assisted execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200802-12\n(xine-lib: User-assisted execution of arbitrary code)\n\n Damian Frizza and Alfredo Ortega (Core Security Technologies)\n discovered a stack-based buffer overflow within the open_flac_file()\n function in the file demux_flac.c when parsing tags within a FLAC file\n (CVE-2008-0486). A buffer overflow when parsing ASF headers, which is\n similar to CVE-2006-1664, has also been discovered (CVE-2008-1110).\n \nImpact :\n\n A remote attacker could entice a user to play specially crafted FLAC or\n ASF video streams with a player using xine-lib, potentially resulting\n in the execution of arbitrary code with the privileges of the user\n running the player.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200802-12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All xine-lib users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/xine-lib-1.1.10.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/27\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/04/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-libs/xine-lib\", unaffected:make_list(\"ge 1.1.10.1\"), vulnerable:make_list(\"lt 1.1.10.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xine-lib\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:09:46", "references": [], "pluginID": "36358", "description": "An array index vulnerability found in the FLAC audio demuxer might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. Although originally an MPlayer issue, it also affects xine-lib due to code similarity.\n\nThe updated packages have been patched to prevent this issue.\n\nUpdate :\n\nThe previous update used a bad patch which made Amarok interface very unresponsive while playing FLAC files. This new update fixes the security issue with a better patch.", "edition": 6, "reporter": "Tenable", "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : xine-lib (MDVSA-2008:046-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486", "CVE-2008-0630", "CVE-2008-0485", "CVE-2008-0629"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:xine-gnomevfs", "p-cpe:/a:mandriva:linux:xine-caca", "p-cpe:/a:mandriva:linux:libxine1", "p-cpe:/a:mandriva:linux:xine-smb", "p-cpe:/a:mandriva:linux:xine-plugins", "p-cpe:/a:mandriva:linux:lib64xine1-devel", "p-cpe:/a:mandriva:linux:xine-flac", "p-cpe:/a:mandriva:linux:xine-esd", "p-cpe:/a:mandriva:linux:lib64xine-devel", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:xine-jack", "p-cpe:/a:mandriva:linux:xine-pulse", "p-cpe:/a:mandriva:linux:xine-arts", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:xine-dxr3", "p-cpe:/a:mandriva:linux:xine-sdl", "p-cpe:/a:mandriva:linux:libxine1-devel", "p-cpe:/a:mandriva:linux:lib64xine1", "p-cpe:/a:mandriva:linux:libxine-devel", "p-cpe:/a:mandriva:linux:xine-aa", "p-cpe:/a:mandriva:linux:xine-image"], "id": "MANDRIVA_MDVSA-2008-046.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36358", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2008:046. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36358);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2018/07/19 20:59:15\");\n\n script_cve_id(\"CVE-2008-0485\", \"CVE-2008-0486\", \"CVE-2008-0629\", \"CVE-2008-0630\");\n script_xref(name:\"MDVSA\", value:\"2008:046-1\");\n\n script_name(english:\"Mandriva Linux Security Advisory : xine-lib (MDVSA-2008:046-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An array index vulnerability found in the FLAC audio demuxer might\nallow remote attackers to execute arbitrary code via a crafted FLAC\ntag, which triggers a buffer overflow. Although originally an MPlayer\nissue, it also affects xine-lib due to code similarity.\n\nThe updated packages have been patched to prevent this issue.\n\nUpdate :\n\nThe previous update used a bad patch which made Amarok interface very\nunresponsive while playing FLAC files. This new update fixes the\nsecurity issue with a better patch.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xine-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xine1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xine1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxine-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxine1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxine1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-aa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-arts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-caca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-dxr3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-esd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-flac\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-gnomevfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-image\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-jack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-pulse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-sdl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xine-smb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64xine1-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64xine1-devel-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libxine1-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libxine1-devel-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-aa-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-arts-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-caca-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-dxr3-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-esd-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-flac-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-gnomevfs-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-image-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-jack-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-plugins-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-pulse-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-sdl-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"xine-smb-1.1.4-6.7mdv2007.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64xine-devel-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64xine1-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libxine-devel-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libxine1-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-aa-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-caca-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-dxr3-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-esd-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-flac-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-gnomevfs-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-image-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-jack-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-plugins-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-pulse-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-sdl-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xine-smb-1.1.8-4.5mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:10:33", "references": ["https://security-tracker.debian.org/tracker/CVE-2007-1387", "https://security-tracker.debian.org/tracker/CVE-2008-0486", "https://security-tracker.debian.org/tracker/CVE-2008-0073", "http://www.debian.org/security/2008/dsa-1536", "https://security-tracker.debian.org/tracker/CVE-2008-1161", "https://security-tracker.debian.org/tracker/CVE-2007-1246", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464696"], "pluginID": "31721", "description": "Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content.\nThe Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2007-1246 / CVE-2007-1387 The DMO_VideoDecoder_Open function does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code (applies to sarge only).\n\n - CVE-2008-0073 Array index error in the sdpplin_parse function allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.\n\n - CVE-2008-0486 Array index vulnerability in libmpdemux/demux_audio.c might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow (applies to etch only).\n\n - CVE-2008-1161 Buffer overflow in the Matroska demuxer allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.", "edition": 7, "reporter": "Tenable", "published": "2008-04-01T00:00:00", "title": "Debian DSA-1536-1 : libxine - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0073", "CVE-2008-0486", "CVE-2007-1246", "CVE-2008-1161", "CVE-2007-1387"], "modified": "2018-07-26T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:xine-lib", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-1536.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31721", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1536. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31721);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2018/07/26 13:32:43\");\n\n script_cve_id(\"CVE-2007-1246\", \"CVE-2007-1387\", \"CVE-2008-0073\", \"CVE-2008-0486\", \"CVE-2008-1161\");\n script_bugtraq_id(22771, 27441, 28312);\n script_xref(name:\"DSA\", value:\"1536\");\n\n script_name(english:\"Debian DSA-1536-1 : libxine - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several local vulnerabilities have been discovered in Xine, a media\nplayer library, allowed for a denial of service or arbitrary code\nexecution, which could be exploited through viewing malicious content.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2007-1246 / CVE-2007-1387\n The DMO_VideoDecoder_Open function does not set the\n biSize before use in a memcpy, which allows\n user-assisted remote attackers to cause a buffer\n overflow and possibly execute arbitrary code (applies to\n sarge only).\n\n - CVE-2008-0073\n Array index error in the sdpplin_parse function allows\n remote RTSP servers to execute arbitrary code via a\n large streamid SDP parameter.\n\n - CVE-2008-0486\n Array index vulnerability in libmpdemux/demux_audio.c\n might allow remote attackers to execute arbitrary code\n via a crafted FLAC tag, which triggers a buffer overflow\n (applies to etch only).\n\n - CVE-2008-1161\n Buffer overflow in the Matroska demuxer allows remote\n attackers to cause a denial of service (crash) and\n possibly execute arbitrary code via a Matroska file with\n invalid frame sizes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-1246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-1387\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-0073\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-0486\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-1161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2008/dsa-1536\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the xine-lib package.\n\nFor the old stable distribution (sarge), these problems have been\nfixed in version 1.0.1-1sarge7.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.1.2+dfsg-6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xine-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"libxine-dev\", reference:\"1.0.1-1sarge7\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libxine1\", reference:\"1.0.1-1sarge7\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libxine-dev\", reference:\"1.1.2+dfsg-6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libxine1\", reference:\"1.1.2+dfsg-6\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libxine1-dbg\", reference:\"1.1.2+dfsg-6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:33:54", "references": ["https://security-tracker.debian.org/tracker/CVE-2008-0486", "https://security-tracker.debian.org/tracker/CVE-2008-0630", "https://security-tracker.debian.org/tracker/CVE-2008-0629", "https://security-tracker.debian.org/tracker/CVE-2008-0485", "http://www.debian.org/security/2008/dsa-1496"], "pluginID": "31056", "description": "Several buffer overflows have been discovered in the MPlayer movie player, which might lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-0485 Felipe Manzano and Anibal Sacco discovered a buffer overflow in the demuxer for MOV files.\n\n - CVE-2008-0486 Reimar Doeffinger discovered a buffer overflow in the FLAC header parsing.\n\n - CVE-2008-0629 Adam Bozanich discovered a buffer overflow in the CDDB access code.\n\n - CVE-2008-0630 Adam Bozanich discovered a buffer overflow in URL parsing.", "edition": 6, "reporter": "Tenable", "published": "2008-02-14T00:00:00", "title": "Debian DSA-1496-1 : mplayer - buffer overflows", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486", "CVE-2008-0630", "CVE-2008-0485", "CVE-2008-0629"], "modified": "2018-08-09T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:mplayer"], "id": "DEBIAN_DSA-1496.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31056", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1496. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31056);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/08/09 17:06:37\");\n\n script_cve_id(\"CVE-2008-0485\", \"CVE-2008-0486\", \"CVE-2008-0629\", \"CVE-2008-0630\");\n script_xref(name:\"DSA\", value:\"1496\");\n\n script_name(english:\"Debian DSA-1496-1 : mplayer - buffer overflows\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several buffer overflows have been discovered in the MPlayer movie\nplayer, which might lead to the execution of arbitrary code. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2008-0485\n Felipe Manzano and Anibal Sacco discovered a buffer\n overflow in the demuxer for MOV files.\n\n - CVE-2008-0486\n Reimar Doeffinger discovered a buffer overflow in the\n FLAC header parsing.\n\n - CVE-2008-0629\n Adam Bozanich discovered a buffer overflow in the CDDB\n access code.\n\n - CVE-2008-0630\n Adam Bozanich discovered a buffer overflow in URL\n parsing.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-0485\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-0486\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-0629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-0630\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2008/dsa-1496\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the mplayer packages.\n\nThe old stable distribution (sarge) doesn't contain mplayer.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.0~rc1-12etch2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"mplayer\", reference:\"1.0~rc1-12etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"mplayer-doc\", reference:\"1.0~rc1-12etch2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:58:09", "references": ["https://security.gentoo.org/glsa/200803-16"], "pluginID": "31442", "description": "The remote host is affected by the vulnerability described in GLSA-200803-16 (MPlayer: Multiple buffer overflows)\n\n The following errors have been discovered in MPlayer:\n Felipe Manzano and Anibal Sacco (Core Security Technologies) reported an array indexing error in the file libmpdemux/demux_mov.c when parsing MOV file headers (CVE-2008-0485).\n Damian Frizza and Alfredo Ortega (Core Security Technologies) reported a boundary error in the file libmpdemux/demux_audio.c when parsing FLAC comments (CVE-2008-0486).\n Adam Bozanich (Mu Security) reported boundary errors in the cddb_parse_matches_list() and cddb_query_parse() functions in the file stream_cddb.c when parsing CDDB album titles (CVE-2008-0629) and in the url_scape_string() function in the file stream/url.c when parsing URLS (CVE-2008-0630).\n Impact :\n\n A remote attacker could entice a user to open a specially crafted file, possibly resulting in the execution of arbitrary code with the privileges of the user running MPlayer.\n Workaround :\n\n There is no known workaround at this time.", "edition": 6, "reporter": "Tenable", "published": "2008-03-13T00:00:00", "title": "GLSA-200803-16 : MPlayer: Multiple buffer overflows", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486", "CVE-2008-0630", "CVE-2008-0485", "CVE-2008-0629"], "modified": "2018-08-10T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:mplayer", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200803-16.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=31442", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200803-16.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31442);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/08/10 18:07:07\");\n\n script_cve_id(\"CVE-2008-0485\", \"CVE-2008-0486\", \"CVE-2008-0629\", \"CVE-2008-0630\");\n script_xref(name:\"GLSA\", value:\"200803-16\");\n\n script_name(english:\"GLSA-200803-16 : MPlayer: Multiple buffer overflows\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200803-16\n(MPlayer: Multiple buffer overflows)\n\n The following errors have been discovered in MPlayer:\n Felipe Manzano and Anibal Sacco (Core Security Technologies)\n reported an array indexing error in the file libmpdemux/demux_mov.c\n when parsing MOV file headers (CVE-2008-0485).\n Damian Frizza\n and Alfredo Ortega (Core Security Technologies) reported a boundary\n error in the file libmpdemux/demux_audio.c when parsing FLAC comments\n (CVE-2008-0486).\n Adam Bozanich (Mu Security) reported boundary\n errors in the cddb_parse_matches_list() and cddb_query_parse()\n functions in the file stream_cddb.c when parsing CDDB album titles\n (CVE-2008-0629) and in the url_scape_string() function in the file\n stream/url.c when parsing URLS (CVE-2008-0630).\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted file,\n possibly resulting in the execution of arbitrary code with the\n privileges of the user running MPlayer.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200803-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All MPlayer users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-video/mplayer-1.0_rc2_p25993'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mplayer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/03/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-video/mplayer\", unaffected:make_list(\"ge 1.0_rc2_p25993\"), vulnerable:make_list(\"lt 1.0_rc2_p25993\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MPlayer\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-25T10:56:39", "references": ["https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00395.html", "2008-1543"], "pluginID": "860441", "description": "Check for the Version of xine-lib", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-02-16T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for xine-lib FEDORA-2008-1543", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=860441", "id": "OPENVAS:860441", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xine-lib FEDORA-2008-1543\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xine-lib on Fedora 8\";\ntag_insight = \"This package contains the Xine library. Xine is a free multimedia player.\n It can play back various media. It also decodes multimedia files from local\n disk drives, and displays multimedia streamed over the Internet. It\n interprets many of the most common multimedia formats available - and some\n of the most uncommon formats, too. --with/--without rpmbuild options\n (some default values depend on target distribution): aalib, caca, directfb,\n imagemagick, freetype, antialiasing (with freetype), jack, pulseaudio,\n wavpack, xcb.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00395.html\");\n script_id(860441);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-1543\");\n script_cve_id(\"CVE-2008-0486\");\n script_name( \"Fedora Update for xine-lib FEDORA-2008-1543\");\n\n script_summary(\"Check for the Version of xine-lib\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.10.1~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:21", "references": ["http://lists.mandriva.com/security-announce/2008-02/msg00023.php", "2008:046"], "pluginID": "830468", "description": "Check for the Version of xine-lib", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-04-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Mandriva Update for xine-lib MDVSA-2008:046 (xine-lib)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830468", "id": "OPENVAS:830468", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for xine-lib MDVSA-2008:046 (xine-lib)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An array index vulnerability found in the FLAC audio demuxer might\n allow remote attackers to execute arbitrary code via a crafted FLAC\n tag, which triggers a buffer overflow. Although originally an MPlayer\n issue, it also affects xine-lib due to code similarity.\n\n The updated packages have been patched to prevent this issue.\";\n\ntag_affected = \"xine-lib on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-02/msg00023.php\");\n script_id(830468);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:18:58 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:046\");\n script_cve_id(\"CVE-2008-0486\");\n script_name( \"Mandriva Update for xine-lib MDVSA-2008:046 (xine-lib)\");\n\n script_summary(\"Check for the Version of xine-lib\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxine1-devel\", rpm:\"libxine1-devel~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-aa\", rpm:\"xine-aa~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-arts\", rpm:\"xine-arts~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-caca\", rpm:\"xine-caca~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-dxr3\", rpm:\"xine-dxr3~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-esd\", rpm:\"xine-esd~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-flac\", rpm:\"xine-flac~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-gnomevfs\", rpm:\"xine-gnomevfs~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-image\", rpm:\"xine-image~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-jack\", rpm:\"xine-jack~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-plugins\", rpm:\"xine-plugins~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-pulse\", rpm:\"xine-pulse~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-sdl\", rpm:\"xine-sdl~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-smb\", rpm:\"xine-smb~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1\", rpm:\"lib64xine1~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1-devel\", rpm:\"lib64xine1-devel~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxine-devel\", rpm:\"libxine-devel~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-aa\", rpm:\"xine-aa~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-caca\", rpm:\"xine-caca~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-dxr3\", rpm:\"xine-dxr3~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-esd\", rpm:\"xine-esd~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-flac\", rpm:\"xine-flac~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-gnomevfs\", rpm:\"xine-gnomevfs~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-image\", rpm:\"xine-image~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-jack\", rpm:\"xine-jack~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-plugins\", rpm:\"xine-plugins~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-pulse\", rpm:\"xine-pulse~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-sdl\", rpm:\"xine-sdl~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-smb\", rpm:\"xine-smb~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine-devel\", rpm:\"lib64xine-devel~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1\", rpm:\"lib64xine1~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:31", "references": ["https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00442.html", "2008-1581"], "pluginID": "860920", "description": "Check for the Version of xine-lib", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-02-16T00:00:00", "title": "Fedora Update for xine-lib FEDORA-2008-1581", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=860920", "id": "OPENVAS:860920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xine-lib FEDORA-2008-1581\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xine-lib on Fedora 7\";\ntag_insight = \"This package contains the Xine library. Xine is a free multimedia player.\n It can play back various media. It also decodes multimedia files from local\n disk drives, and displays multimedia streamed over the Internet. It\n interprets many of the most common multimedia formats available - and some\n of the most uncommon formats, too. --with/--without rpmbuild options\n (some default values depend on target distribution): aalib, caca, directfb,\n imagemagick, freetype, antialiasing (with freetype), jack, pulseaudio,\n wavpack, xcb.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00442.html\");\n script_id(860920);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-1581\");\n script_cve_id(\"CVE-2008-0486\");\n script_name( \"Fedora Update for xine-lib FEDORA-2008-1581\");\n\n script_summary(\"Check for the Version of xine-lib\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.10.1~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:39:20", "references": ["http://lists.mandriva.com/security-announce/2008-02/msg00028.php", "2008:046-1"], "pluginID": "1361412562310830474", "description": "Check for the Version of xine-lib", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for xine-lib MDVSA-2008:046-1 (xine-lib)", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830474", "id": "OPENVAS:1361412562310830474", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for xine-lib MDVSA-2008:046-1 (xine-lib)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An array index vulnerability found in the FLAC audio demuxer might\n allow remote attackers to execute arbitrary code via a crafted FLAC\n tag, which triggers a buffer overflow. Although originally an MPlayer\n issue, it also affects xine-lib due to code similarity.\n\n The updated packages have been patched to prevent this issue.\n \n Update:\n \n The previous update used a bad patch which made Amarok interface\n very unresponsive while playing FLAC files. This new update fixes\n the security issue with a better patch.\";\n\ntag_affected = \"xine-lib on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-02/msg00028.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830474\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:18:58 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:046-1\");\n script_cve_id(\"CVE-2008-0486\");\n script_name( \"Mandriva Update for xine-lib MDVSA-2008:046-1 (xine-lib)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of xine-lib\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxine1-devel\", rpm:\"libxine1-devel~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-aa\", rpm:\"xine-aa~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-arts\", rpm:\"xine-arts~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-caca\", rpm:\"xine-caca~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-dxr3\", rpm:\"xine-dxr3~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-esd\", rpm:\"xine-esd~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-flac\", rpm:\"xine-flac~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-gnomevfs\", rpm:\"xine-gnomevfs~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-image\", rpm:\"xine-image~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-jack\", rpm:\"xine-jack~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-plugins\", rpm:\"xine-plugins~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-pulse\", rpm:\"xine-pulse~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-sdl\", rpm:\"xine-sdl~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-smb\", rpm:\"xine-smb~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1\", rpm:\"lib64xine1~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1-devel\", rpm:\"lib64xine1-devel~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxine-devel\", rpm:\"libxine-devel~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-aa\", rpm:\"xine-aa~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-caca\", rpm:\"xine-caca~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-dxr3\", rpm:\"xine-dxr3~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-esd\", rpm:\"xine-esd~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-flac\", rpm:\"xine-flac~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-gnomevfs\", rpm:\"xine-gnomevfs~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-image\", rpm:\"xine-image~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-jack\", rpm:\"xine-jack~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-plugins\", rpm:\"xine-plugins~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-pulse\", rpm:\"xine-pulse~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-sdl\", rpm:\"xine-sdl~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-smb\", rpm:\"xine-smb~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine-devel\", rpm:\"lib64xine-devel~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1\", rpm:\"lib64xine1~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:39:23", "references": ["http://lists.mandriva.com/security-announce/2008-02/msg00023.php", "2008:046"], "pluginID": "1361412562310830468", "description": "Check for the Version of xine-lib", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for xine-lib MDVSA-2008:046 (xine-lib)", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830468", "id": "OPENVAS:1361412562310830468", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for xine-lib MDVSA-2008:046 (xine-lib)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An array index vulnerability found in the FLAC audio demuxer might\n allow remote attackers to execute arbitrary code via a crafted FLAC\n tag, which triggers a buffer overflow. Although originally an MPlayer\n issue, it also affects xine-lib due to code similarity.\n\n The updated packages have been patched to prevent this issue.\";\n\ntag_affected = \"xine-lib on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-02/msg00023.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830468\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:18:58 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:046\");\n script_cve_id(\"CVE-2008-0486\");\n script_name( \"Mandriva Update for xine-lib MDVSA-2008:046 (xine-lib)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of xine-lib\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxine1-devel\", rpm:\"libxine1-devel~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-aa\", rpm:\"xine-aa~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-arts\", rpm:\"xine-arts~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-caca\", rpm:\"xine-caca~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-dxr3\", rpm:\"xine-dxr3~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-esd\", rpm:\"xine-esd~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-flac\", rpm:\"xine-flac~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-gnomevfs\", rpm:\"xine-gnomevfs~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-image\", rpm:\"xine-image~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-jack\", rpm:\"xine-jack~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-plugins\", rpm:\"xine-plugins~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-pulse\", rpm:\"xine-pulse~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-sdl\", rpm:\"xine-sdl~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-smb\", rpm:\"xine-smb~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1\", rpm:\"lib64xine1~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1-devel\", rpm:\"lib64xine1-devel~1.1.4~6.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxine-devel\", rpm:\"libxine-devel~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-aa\", rpm:\"xine-aa~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-caca\", rpm:\"xine-caca~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-dxr3\", rpm:\"xine-dxr3~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-esd\", rpm:\"xine-esd~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-flac\", rpm:\"xine-flac~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-gnomevfs\", rpm:\"xine-gnomevfs~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-image\", rpm:\"xine-image~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-jack\", rpm:\"xine-jack~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-plugins\", rpm:\"xine-plugins~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-pulse\", rpm:\"xine-pulse~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-sdl\", rpm:\"xine-sdl~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-smb\", rpm:\"xine-smb~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine-devel\", rpm:\"lib64xine-devel~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1\", rpm:\"lib64xine1~1.1.8~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:20", "references": ["http://lists.mandriva.com/security-announce/2008-02/msg00028.php", "2008:046-1"], "pluginID": "830474", "description": "Check for the Version of xine-lib", "edition": 2, "reporter": "Copyright (C) 2009 Greenbone Networks GmbH", "published": "2009-04-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Mandriva Update for xine-lib MDVSA-2008:046-1 (xine-lib)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830474", "id": "OPENVAS:830474", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for xine-lib MDVSA-2008:046-1 (xine-lib)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An array index vulnerability found in the FLAC audio demuxer might\n allow remote attackers to execute arbitrary code via a crafted FLAC\n tag, which triggers a buffer overflow. Although originally an MPlayer\n issue, it also affects xine-lib due to code similarity.\n\n The updated packages have been patched to prevent this issue.\n \n Update:\n \n The previous update used a bad patch which made Amarok interface\n very unresponsive while playing FLAC files. This new update fixes\n the security issue with a better patch.\";\n\ntag_affected = \"xine-lib on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-02/msg00028.php\");\n script_id(830474);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:18:58 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2008:046-1\");\n script_cve_id(\"CVE-2008-0486\");\n script_name( \"Mandriva Update for xine-lib MDVSA-2008:046-1 (xine-lib)\");\n\n script_summary(\"Check for the Version of xine-lib\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxine1-devel\", rpm:\"libxine1-devel~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-aa\", rpm:\"xine-aa~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-arts\", rpm:\"xine-arts~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-caca\", rpm:\"xine-caca~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-dxr3\", rpm:\"xine-dxr3~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-esd\", rpm:\"xine-esd~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-flac\", rpm:\"xine-flac~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-gnomevfs\", rpm:\"xine-gnomevfs~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-image\", rpm:\"xine-image~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-jack\", rpm:\"xine-jack~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-plugins\", rpm:\"xine-plugins~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-pulse\", rpm:\"xine-pulse~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-sdl\", rpm:\"xine-sdl~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-smb\", rpm:\"xine-smb~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1\", rpm:\"lib64xine1~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1-devel\", rpm:\"lib64xine1-devel~1.1.4~6.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxine-devel\", rpm:\"libxine-devel~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxine1\", rpm:\"libxine1~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-aa\", rpm:\"xine-aa~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-caca\", rpm:\"xine-caca~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-dxr3\", rpm:\"xine-dxr3~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-esd\", rpm:\"xine-esd~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-flac\", rpm:\"xine-flac~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-gnomevfs\", rpm:\"xine-gnomevfs~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-image\", rpm:\"xine-image~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-jack\", rpm:\"xine-jack~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-plugins\", rpm:\"xine-plugins~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-pulse\", rpm:\"xine-pulse~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-sdl\", rpm:\"xine-sdl~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-smb\", rpm:\"xine-smb~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xine-lib\", rpm:\"xine-lib~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine-devel\", rpm:\"lib64xine-devel~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xine1\", rpm:\"lib64xine1~1.1.8~4.5mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:12", "references": [], "pluginID": "60533", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-04T00:00:00", "title": "FreeBSD Ports: libxine", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486"], "modified": "2016-09-21T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=60533", "id": "OPENVAS:60533", "sourceData": "#\n#VID e8a6a16d-e498-11dc-bb89-000bcdc1757a\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: libxine\n\nCVE-2008-0486\nArray index vulnerability in libmpdemux/demux_audio.c in MPlayer\n1.0rc2 and SVN before r25917, and possibly earlier versions, as used\nin Xine-lib 1.1.10, might allow remote attackers to execute arbitrary\ncode via a crafted FLAC tag, which triggers a buffer overflow.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.xinehq.de/index.php/news\nhttp://www.vuxml.org/freebsd/e8a6a16d-e498-11dc-bb89-000bcdc1757a.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(60533);\n script_version(\"$Revision: 4125 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-21 07:39:51 +0200 (Wed, 21 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2008-0486\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: libxine\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"libxine\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.10.1\")<0) {\n txt += 'Package libxine version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:54", "references": [], "pluginID": "60449", "description": "The remote host is missing updates announced in\nadvisory GLSA 200802-12.", "edition": 2, "reporter": "Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-24T00:00:00", "title": "Gentoo Security Advisory GLSA 200802-12 (xine-lib)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486", "CVE-2006-1664"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=60449", "id": "OPENVAS:60449", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"xine-lib is vulnerable to multiple buffer overflows when processing FLAC\nand ASF streams.\";\ntag_solution = \"All xine-lib users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/xine-lib-1.1.10.1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200802-12\nhttp://bugs.gentoo.org/show_bug.cgi?id=209106\nhttp://bugs.gentoo.org/show_bug.cgi?id=208100\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200802-12.\";\n\n \n\nif(description)\n{\n script_id(60449);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2006-1664\", \"CVE-2008-0486\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200802-12 (xine-lib)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-libs/xine-lib\", unaffected: make_list(\"ge 1.1.10.1\"), vulnerable: make_list(\"lt 1.1.10.1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:02", "references": [], "pluginID": "60519", "description": "The remote host is missing updates announced in\nadvisory GLSA 200803-16.", "edition": 2, "reporter": "Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Gentoo Security Advisory GLSA 200803-16 (mplayer)", "type": "openvas", "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0486", "CVE-2008-0630", "CVE-2008-0485", "CVE-2008-0629"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=60519", "id": "OPENVAS:60519", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been discovered in MPlayer, possibly allowing\nfor the remote execution of arbitrary code.\";\ntag_solution = \"All MPlayer users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-video/mplayer-1.0_rc2_p25993'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200803-16\nhttp://bugs.gentoo.org/show_bug.cgi?id=208566\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200803-16.\";\n\n \n\nif(description)\n{\n script_id(60519);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2008-0485\", \"CVE-2008-0486\", \"CVE-2008-0629\", \"CVE-2008-0630\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200803-16 (mplayer)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-video/mplayer\", unaffected: make_list(\"ge 1.0_rc2_p25993\"), vulnerable: make_list(\"lt 1.0_rc2_p25993\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:44", "references": [], "pluginID": "60658", "description": "The remote host is missing an update to xine-lib\nannounced via advisory DSA 1536-1.", "edition": 2, "reporter": "Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com", "published": "2008-04-07T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Debian Security Advisory DSA 1536-1 (xine-lib)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0073", "CVE-2008-0486", "CVE-2007-1246", "CVE-2008-1161", "CVE-2007-1387"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=60658", "id": "OPENVAS:60658", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1536_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1536-1 (xine-lib)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several local vulnerabilities have been discovered in Xine, a\nmedia player library, allowed for a denial of service or arbitrary code\nexecution, which could be exploited through viewing malicious content.\nThe Common Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2007-1246 / CVE-2007-1387\n\nThe DMO_VideoDecoder_Open function does not set the biSize before use in a\nmemcpy, which allows user-assisted remote attackers to cause a buffer overflow\nand possibly execute arbitrary code (applies to sarge only).\n\nCVE-2008-0073\n\nArray index error in the sdpplin_parse function allows remote RTSP servers\nto execute arbitrary code via a large streamid SDP parameter.\n\nCVE-2008-0486\n\nArray index vulnerability in libmpdemux/demux_audio.c might allow remote\nattackers to execute arbitrary code via a crafted FLAC tag, which triggers\na buffer overflow (applies to etch only).\n\nCVE-2008-1161\n\nBuffer overflow in the Matroska demuxer allows remote attackers to cause a\ndenial of service (crash) and possibly execute arbitrary code via a Matroska\nfile with invalid frame sizes.\n\n\nFor the stable distribution (etch), these problems have been fixed in version\n1.1.2+dfsg-6.\n\nFor the old stable distribution (sarge), these problems have been fixed in\nversion 1.0.1-1sarge7.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.1.11-1.\n\n\nWe recommend that you upgrade your xine-lib package.\";\ntag_summary = \"The remote host is missing an update to xine-lib\nannounced via advisory DSA 1536-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201536-1\";\n\n\nif(description)\n{\n script_id(60658);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-04-07 20:38:54 +0200 (Mon, 07 Apr 2008)\");\n script_cve_id(\"CVE-2007-1246\", \"CVE-2007-1387\", \"CVE-2008-0073\", \"CVE-2008-0486\", \"CVE-2008-1161\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1536-1 (xine-lib)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.0.1-1sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1\", ver:\"1.0.1-1sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1-dbg\", ver:\"1.1.2+dfsg-6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine1\", ver:\"1.1.2+dfsg-6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxine-dev\", ver:\"1.1.2+dfsg-6\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:25", "references": [], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n \r\n Mandriva Linux Security Advisory MDVSA-2008:046\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n \r\n Package : xine-lib\r\n Date : February 15, 2008\r\n Affected: 2007.1, 2008.0\r\n _______________________________________________________________________\r\n \r\n Problem Description:\r\n \r\n An array index vulnerability found in the FLAC audio demuxer might\r\n allow remote attackers to execute arbitrary code via a crafted FLAC\r\n tag, which triggers a buffer overflow. Although originally an MPlayer\r\n issue, it also affects xine-lib due to code similarity.\r\n \r\n The updated packages have been patched to prevent this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0486\r\n _______________________________________________________________________\r\n \r\n Updated Packages:\r\n \r\n Mandriva Linux 2007.1:\r\n 92b105e8e45cc7c628cfea03b65e5ebc 2007.1/i586/libxine1-1.1.4-6.5mdv2007.1.i586.rpm\r\n 8c10ae324cb8e3b02fe142cae8d86b23 2007.1/i586/libxine1-devel-1.1.4-6.5mdv2007.1.i586.rpm\r\n bb26522243e95621a475b886ebedacca 2007.1/i586/xine-aa-1.1.4-6.5mdv2007.1.i586.rpm\r\n 5d01cf04b75ba1ad6a4b8e85448e7b78 2007.1/i586/xine-arts-1.1.4-6.5mdv2007.1.i586.rpm\r\n 08be3876d609ee70b0966eaaa395085b 2007.1/i586/xine-caca-1.1.4-6.5mdv2007.1.i586.rpm\r\n b0702ce5b6e2bd2bc12c8a4b42e8ee30 2007.1/i586/xine-dxr3-1.1.4-6.5mdv2007.1.i586.rpm\r\n a1dd806006624254b89f9bc6c756bd2c 2007.1/i586/xine-esd-1.1.4-6.5mdv2007.1.i586.rpm\r\n b0218b6ae17e7874a0949055f1271365 2007.1/i586/xine-flac-1.1.4-6.5mdv2007.1.i586.rpm\r\n f7b59004050060fd3ebb83bbedc7d16a 2007.1/i586/xine-gnomevfs-1.1.4-6.5mdv2007.1.i586.rpm\r\n 38ab5fb451a81ffcce9357a3884eeaff 2007.1/i586/xine-image-1.1.4-6.5mdv2007.1.i586.rpm\r\n ef5bbbf902ebf0b51a56a908ff79712c 2007.1/i586/xine-jack-1.1.4-6.5mdv2007.1.i586.rpm\r\n 0add0fbbf3e70a84739e17d66b1c851d 2007.1/i586/xine-plugins-1.1.4-6.5mdv2007.1.i586.rpm\r\n 50c7fda320ef57b995686477a5fbbfc4 2007.1/i586/xine-pulse-1.1.4-6.5mdv2007.1.i586.rpm\r\n f942f35a3d5b637b20f4b9e08c4912b8 2007.1/i586/xine-sdl-1.1.4-6.5mdv2007.1.i586.rpm\r\n 7aa83070759e8ff44153f6422c5204dd 2007.1/i586/xine-smb-1.1.4-6.5mdv2007.1.i586.rpm \r\n 0d47a2b57fa073f8618bf57b149a9f42 2007.1/SRPMS/xine-lib-1.1.4-6.5mdv2007.1.src.rpm\r\n\r\n Mandriva Linux 2007.1/X86_64:\r\n 25893aeb0c101954c541a2f4f9c9c1da 2007.1/x86_64/lib64xine1-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n 1fb04166eecb9a1ab1e011a0f1ababb4 2007.1/x86_64/lib64xine1-devel-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n 3e48a4aafaa97bd47cb7c0bbb7ba1237 2007.1/x86_64/xine-aa-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n bd2347ff386d44948c88c67485fb1b5a 2007.1/x86_64/xine-arts-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n a509d9ebab2bf1941934d2cba759e770 2007.1/x86_64/xine-caca-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n ba1b934caece9ae950e565d9a097b40e 2007.1/x86_64/xine-dxr3-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n 95297e819a47fdcae07625741d5eabeb 2007.1/x86_64/xine-esd-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n 8e8a92caa399113211cfd95336429ead 2007.1/x86_64/xine-flac-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n 90aa9c3977c15458fe0c0ac98b1dabb2 2007.1/x86_64/xine-gnomevfs-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n 28070563c3b364760a6fd9a93a0a64bd 2007.1/x86_64/xine-image-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n 1309d3ffbdaabeaf28f8476f94fb8105 2007.1/x86_64/xine-jack-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n c268f6d3a92ebee7d444470d9948bd2c 2007.1/x86_64/xine-plugins-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n 46f6800167c1c8766cfa168e94a5ab89 2007.1/x86_64/xine-pulse-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n 88adcbb90e87e260eb79a1f6d4c11adc 2007.1/x86_64/xine-sdl-1.1.4-6.5mdv2007.1.x86_64.rpm\r\n fb5ef2d8db31b0c6da3db2401963d1f8 2007.1/x86_64/xine-smb-1.1.4-6.5mdv2007.1.x86_64.rpm \r\n 0d47a2b57fa073f8618bf57b149a9f42 2007.1/SRPMS/xine-lib-1.1.4-6.5mdv2007.1.src.rpm\r\n\r\n Mandriva Linux 2008.0:\r\n a006ee314a3487abda9f87844a418283 2008.0/i586/libxine-devel-1.1.8-4.3mdv2008.0.i586.rpm\r\n 50300dd0ede82d905faa0148864ce5c3 2008.0/i586/libxine1-1.1.8-4.3mdv2008.0.i586.rpm\r\n f7354400019aa522a9b4c9183cdcbf01 2008.0/i586/xine-aa-1.1.8-4.3mdv2008.0.i586.rpm\r\n d9246649fabf1ec7d5ded73fc69389de 2008.0/i586/xine-caca-1.1.8-4.3mdv2008.0.i586.rpm\r\n 17cfc011b27bbee2ded3e57840892f3e 2008.0/i586/xine-dxr3-1.1.8-4.3mdv2008.0.i586.rpm\r\n b3bc62b1d9704e4c387b9dc05ca78c21 2008.0/i586/xine-esd-1.1.8-4.3mdv2008.0.i586.rpm\r\n bfc01255d453d4b024a3b219077d1410 2008.0/i586/xine-flac-1.1.8-4.3mdv2008.0.i586.rpm\r\n 76c62017cdd33345889c1582caf3b827 2008.0/i586/xine-gnomevfs-1.1.8-4.3mdv2008.0.i586.rpm\r\n 512904d1519640475146f19449398d05 2008.0/i586/xine-image-1.1.8-4.3mdv2008.0.i586.rpm\r\n b854ed87d8b85e43c766d47267e61ef1 2008.0/i586/xine-jack-1.1.8-4.3mdv2008.0.i586.rpm\r\n b3b83be2f3b0a1e5125921b17bef5b21 2008.0/i586/xine-plugins-1.1.8-4.3mdv2008.0.i586.rpm\r\n 781983b84a24bcd23ea7ed087b42d1bf 2008.0/i586/xine-pulse-1.1.8-4.3mdv2008.0.i586.rpm\r\n e7f7b472e8fd8bf30bc448fee29ae94d 2008.0/i586/xine-sdl-1.1.8-4.3mdv2008.0.i586.rpm\r\n 00d5184581be159ba607b277d4b3326d 2008.0/i586/xine-smb-1.1.8-4.3mdv2008.0.i586.rpm \r\n bc6508f3f527de2c25039bc3bff359d4 2008.0/SRPMS/xine-lib-1.1.8-4.3mdv2008.0.src.rpm\r\n\r\n Mandriva Linux 2008.0/X86_64:\r\n ac5c1cf34cf85bd33c60a9707aa851d4 2008.0/x86_64/lib64xine-devel-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n 2b995c0f69aa471d4700e5721b67a8af 2008.0/x86_64/lib64xine1-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n cace153adb4181e62fdf6b9cbc715ab9 2008.0/x86_64/xine-aa-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n d5c963ebc4814b1642937959531de6bf 2008.0/x86_64/xine-caca-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n a20718c6f1abe8c06afb98ae52f36208 2008.0/x86_64/xine-dxr3-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n fd4f65b926b4d9d3e5f734bfce8b7cbb 2008.0/x86_64/xine-esd-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n e9f18928c5ed86e531545b98f721102b 2008.0/x86_64/xine-flac-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n 0cad217d2138a6f6597db02714a5c0e8 2008.0/x86_64/xine-gnomevfs-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n 3d2a618e0cc44cf47c0556ce6cc09bd9 2008.0/x86_64/xine-image-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n 14baefc41749868298378b2d637c62b0 2008.0/x86_64/xine-jack-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n ef3bc2769f717ac9bc6f8a1f6c801f30 2008.0/x86_64/xine-plugins-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n 8296113a6b5db2f3846dd2c28755f583 2008.0/x86_64/xine-pulse-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n 37745a135e8fafd10e31731048d5b58a 2008.0/x86_64/xine-sdl-1.1.8-4.3mdv2008.0.x86_64.rpm\r\n 5493e7511c3b601ffcc0632a8beab66c 2008.0/x86_64/xine-smb-1.1.8-4.3mdv2008.0.x86_64.rpm \r\n bc6508f3f527de2c25039bc3bff359d4 2008.0/SRPMS/xine-lib-1.1.8-4.3mdv2008.0.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.8 (GNU/Linux)\r\n\r\niD8DBQFHtecEmqjQ0CJFipgRAp/oAKDAs0GcPuf5v18wYBF+L2JNUCA4yQCfWnc3\r\nZNRY5WdeYXIevrA4KN0S9y4=\r\n=x1LB\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2008-02-16T00:00:00", "title": "[ MDVSA-2008:046 ] - Updated xine-lib package fixes arbitrary code execution vulnerability", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:25", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2008-0486"], "modified": "2008-02-16T00:00:00", "id": "SECURITYVULNS:DOC:19149", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19149", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:24", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n Core Security Technologies - CoreLabs Advisory\r\n http://www.coresecurity.com/corelabs\r\n\r\n MPlayer 1.0rc2 buffer overflow vulnerability\r\n\r\n\r\n*Advisory Information*\r\n\r\nTitle: MPlayer 1.0rc2 buffer overflow vulnerability\r\nAdvisory ID: CORE-2007-1218\r\nAdvisory URL: http://www.coresecurity.com/?action=item&id=2103\r\nDate published: 2008-02-04\r\nDate of last update: 2008-02-01\r\nVendors contacted: MPlayer and Xine team\r\nRelease mode: Coordinated release\r\n\r\n\r\n*Vulnerability Information*\r\n\r\nClass: Buffer overflow\r\nRemotely Exploitable: No\r\nLocally Exploitable: Yes\r\nBugtraq ID: 27441\r\nCVE Name: CVE-2008-0486\r\n\r\n\r\n*Vulnerability Description*\r\n\r\nThe MPlayer package [1] is vulnerable to a buffer overflow attack, which\r\ncan be exploited by malicious remote attackers. The vulnerability is due\r\nto MPlayer not properly sanitizing certain tags on a FLAC file before\r\nusing them to index an array on the stack. This can be exploited to\r\nexecute arbitrary commands by opening a specially crafted file.\r\n\r\nThe Xine package [2], and probably other packages based on MPlayer [3],\r\nare vulnerable to this attack too.\r\n\r\n\r\n*Vulnerable Packages*\r\n\r\n. MPlayer 1.0rc2 and SVN before r25917 (Tue Jan 29 22:00:58 2008 UTC).\r\nOlder versions are probably affected too, but they were not checked.\r\n. Xine-lib 1.1.10. Other MPlayer related projects are affected too.\r\n\r\n\r\n*Non-vulnerable Packages*\r\n\r\n. MPlayer SVN HEAD after r25917.\r\n. MPlayer 1.0rc2 + security patches.\r\n\r\n\r\n*Vendor Information, Solutions and Workarounds*\r\n\r\nA fix for this problem was committed to SVN on the MPlayer project [4].\r\nUsers of affected MPlayer versions should download a patch [5] for\r\nMPlayer 1.0rc2 or update to the latest version if they are using SVN.\r\n\r\n\r\n*Credits*\r\n\r\nThis vulnerability was discovered by Damian Frizza and Alfredo Ortega,\r\nfrom the Exploit Writers team of Core Security Technologies.\r\n\r\n\r\n*Technical Description / Proof of Concept Code*\r\n\r\nThe vulnerability was found in the following code, used to parse FLAC\r\ncomments inside MPlayer:\r\n\r\n/-----------\r\n\r\nlibmpdemux/demux_audio.c\r\n \r\n206 case FLAC_VORBIS_COMMENT:\r\n207 {\r\n208 /* For a description of the format please have a look at */\r\n209 /* http://www.xiph.org/vorbis/doc/v-comment.html */\r\n210\r\n211 uint32_t length, comment_list_len;\r\n212 (1) char comments[blk_len];\r\n213 uint8_t *ptr = comments;\r\n214 char *comment;\r\n215 int cn;\r\n216 char c;\r\n217\r\n218 if (stream_read (s, comments, blk_len) == blk_len)\r\n219 {\r\n220 (2) length = AV_RL32(ptr);\r\n221 ptr += 4 + length;\r\n222\r\n223 comment_list_len = AV_RL32(ptr);\r\n224 ptr += 4;\r\n225\r\n226 cn = 0;\r\n227 for (; cn < comment_list_len; cn++)\r\n228 {\r\n229 length = AV_RL32(ptr);\r\n230 ptr += 4;\r\n231\r\n232 comment = ptr;\r\n233 (3) c = comment[length];\r\n234 comment[length] = 0; ...\r\n\r\n- -----------/\r\n\r\nWe can see in (2) that the 'length' variable is being loaded from a\r\nposition on the file stream, and then used without any validation to\r\nindex the 'comment' buffer, that was allocated from the stack in (1).\r\nThis causes a stack corruption, and possibly allows code execution (e.g.\r\nmodifying the value of the 'length' variable, that is also on the stack).\r\n\r\nExample Attack Scenario:\r\n\r\n1) The user receives an email with an attachment called e.g.\r\n'goodmusic.flac'.\r\n2) The user opens the file with MPlayer or another vulnerable software.\r\n3) This causes a stack corruption and malicious code execution on the\r\nuser computer.\r\n\r\n\r\n*Report Timeline*\r\n\r\n. 2007-12-18: Core Security Technologies notifies the MPlayer team of\r\nthe vulnerability (no reply received).\r\n. 2008-01-04: A new notification of the vulnerability was sent to the\r\nMPlayer team (no reply received).\r\n. 2008-01-18: A new notification of the vulnerability was sent to the\r\nMPlayer team.\r\n. 2008-01-18: The MPlayer team asked Core Security Technologies for\r\ntechnical description of the vulnerability.\r\n. 2008-01-22: Technical details was sent to MPlayer team by Core\r\nSecurity Technologies.\r\n. 2008-01-28: MPlayer notified Core Security Technologies that a fix had\r\nbeen produced.\r\n. 2008-02-04: CORE-2007-1218 advisory was published.\r\n\r\n\r\n*References*\r\n\r\n[1] http://www.mplayerhq.hu\r\n[2] http://xinehq.de/\r\n[3] http://www.mplayerhq.hu/design7/projects.html\r\n[4]\r\nhttp://svn.mplayerhq.hu/mplayer/trunk/libmpdemux/demux_audio.c?r1=25911&r2=25917\r\n[5] http://www.mplayerhq.hu/MPlayer/patches/demux_audio_fix_20080129.diff\r\n\r\n\r\n*About CoreLabs*\r\n\r\nCoreLabs, the research center of Core Security Technologies, is charged\r\nwith anticipating the future needs and requirements for information\r\nsecurity technologies. We conduct our research in several important\r\nareas of computer security including system vulnerabilities, cyber\r\nattack planning and simulation, source code auditing, and cryptography.\r\nOur results include problem formalization, identification of\r\nvulnerabilities, novel solutions and prototypes for new technologies.\r\nCoreLabs regularly publishes security advisories, technical papers,\r\nproject information and shared software tools for public use at:\r\nhttp://www.coresecurity.com/corelabs/.\r\n\r\n\r\n*About Core Security Technologies*\r\n\r\nCore Security Technologies develops strategic solutions that help\r\nsecurity-conscious organizations worldwide develop and maintain a\r\nproactive process for securing their networks. The company's flagship\r\nproduct, CORE IMPACT, is the most comprehensive product for performing\r\nenterprise security assurance testing. CORE IMPACT evaluates network,\r\nendpoint and end-user vulnerabilities and identifies what resources are\r\nexposed. It enables organizations to determine if current security\r\ninvestments are detecting and preventing attacks. Core Security\r\nTechnologies augments its leading technology solution with world-class\r\nsecurity consulting services, including penetration testing and software\r\nsecurity auditing. Based in Boston, MA and Buenos Aires, Argentina, Core\r\nSecurity Technologies can be reached at 617-399-6980 or on the Web at\r\nhttp://www.coresecurity.com.\r\n\r\n\r\n*Disclaimer*\r\n\r\nThe contents of this advisory are copyright (c) 2008 Core Security\r\nTechnologies and (c) 2008 CoreLabs, and may be distributed freely\r\nprovided that no fee is charged for this distribution and proper credit\r\nis given.\r\n\r\n\r\n*GPG/PGP Keys*\r\n\r\nThis advisory has been signed with the GPG key of Core Security\r\nTechnologies advisories team, which is available for download at\r\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.7 (MingW32)\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\r\n\r\niD8DBQFHp2riyNibggitWa0RApD/AKCtN46G9t/7fMEutRQbUx6uVKonDwCfWYcb\r\ng+kdvVlvzynfGW8XUUI1v7w=\r\n=Byqy\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2008-02-05T00:00:00", "title": "CORE-2007-1218: MPlayer 1.0rc2 buffer overflow vulnerability", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:24", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2008-0486"], "modified": "2008-02-05T00:00:00", "id": "SECURITYVULNS:DOC:19007", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19007", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:25", "references": [], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200803-16\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: MPlayer: Multiple buffer overflows\r\n Date: March 10, 2008\r\n Bugs: #208566\r\n ID: 200803-16\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nMultiple vulnerabilities have been discovered in MPlayer, possibly\r\nallowing for the remote execution of arbitrary code.\r\n\r\nBackground\r\n==========\r\n\r\nMPlayer is a media player incuding support for a wide range of audio\r\nand video formats.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 media-video/mplayer < 1.0_rc2_p25993 >= 1.0_rc2_p25993\r\n\r\nDescription\r\n===========\r\n\r\nThe following errors have been discovered in MPlayer:\r\n\r\n* Felipe Manzano and Anibal Sacco (Core Security Technologies)\r\n reported an array indexing error in the file libmpdemux/demux_mov.c\r\n when parsing MOV file headers (CVE-2008-0485).\r\n\r\n* Damian Frizza and Alfredo Ortega (Core Security Technologies)\r\n reported a boundary error in the file libmpdemux/demux_audio.c when\r\n parsing FLAC comments (CVE-2008-0486).\r\n\r\n* Adam Bozanich (Mu Security) reported boundary errors in the\r\n cddb_parse_matches_list() and cddb_query_parse() functions in the\r\n file stream_cddb.c when parsing CDDB album titles (CVE-2008-0629) and\r\n in the url_scape_string() function in the file stream/url.c when\r\n parsing URLS (CVE-2008-0630).\r\n\r\nImpact\r\n======\r\n\r\nA remote attacker could entice a user to open a specially crafted file,\r\npossibly resulting in the execution of arbitrary code with the\r\nprivileges of the user running MPlayer.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll MPlayer users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=media-video/mplayer-1.0_rc2_p25993"\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CVE-2008-0485\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0485\r\n [ 2 ] CVE-2008-0486\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0486\r\n [ 3 ] CVE-2008-0629\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629\r\n [ 4 ] CVE-2008-0630\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200803-16.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2008 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.5\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v2.0.7 (GNU/Linux)\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\r\n\r\niD8DBQFH1aw6uhJ+ozIKI5gRAlmEAJ4ygxVXlGiWqBzdc5KMUEbF0omH9gCgibFB\r\nQBUdO9db/Z4Zm2aqaiznRAI=\r\n=JZmi\r\n-----END PGP SIGNATURE-----", "edition": 1, "reporter": "Securityvulns", "published": "2008-03-11T00:00:00", "title": "[ GLSA 200803-16 ] MPlayer: Multiple buffer overflows", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:25", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2008-0486", "CVE-2008-0630", "CVE-2008-0485", "CVE-2008-0629"], "modified": "2008-03-11T00:00:00", "id": "SECURITYVULNS:DOC:19370", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19370", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:28", "references": ["https://vulners.com/securityvulns/securityvulns:doc:19007", "https://vulners.com/securityvulns/securityvulns:doc:19006", "https://vulners.com/securityvulns/securityvulns:doc:19149"], "description": "Buffer overflow on FLAC data parsing, uninitilized pointer dereference on MOV parsing.", "edition": 1, "reporter": "BUGTRAQ", "published": "2008-02-16T00:00:00", "title": "Mplayer / Xine multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:28", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "xinelib", "version": "1.1", "operator": "eq"}, {"name": "xine", "version": "1.1", "operator": "eq"}, {"name": "MPlayer", "version": "1.0", "operator": "eq"}], "cvelist": ["CVE-2008-0486", "CVE-2008-0238", "CVE-2008-0225", "CVE-2008-0485"], "modified": "2008-02-16T00:00:00", "id": "SECURITYVULNS:VULN:8631", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8631", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T21:48:16", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "BUGTRAQ ID: 27441\r\nCVE(CAN) ID: CVE-2008-0486\r\n\r\nMPlayer\u662f\u4e00\u6b3e\u57fa\u4e8eLinux\u7684\u5a92\u4f53\u64ad\u653e\u7a0b\u5e8f\uff0c\u652f\u6301\u591a\u79cd\u5a92\u4f53\u683c\u5f0f\u3002\r\n\r\nMPlayer\u7684libmpdemux/demux_audio.c\u6587\u4ef6\u5728\u89e3\u6790FLAC\u6807\u6ce8\u65f6\u5b58\u5728\u6808\u6ea2\u51fa\u6f0f\u6d1e\uff1a\r\n\r\n/-----------\r\n\r\nlibmpdemux/demux_audio.c\r\n \r\n206 case FLAC_VORBIS_COMMENT:\r\n207 {\r\n208 /* For a description of the format please have a look at */\r\n209 /* http://www.xiph.org/vorbis/doc/v-comment.html */\r\n210\r\n211 uint32_t length, comment_list_len;\r\n212 (1) char comments[blk_len];\r\n213 uint8_t *ptr = comments;\r\n214 char *comment;\r\n215 int cn;\r\n216 char c;\r\n217\r\n218 if (stream_read (s, comments, blk_len) == blk_len)\r\n219 {\r\n220 (2) length = AV_RL32(ptr);\r\n221 ptr += 4 + length;\r\n222\r\n223 comment_list_len = AV_RL32(ptr);\r\n224 ptr += 4;\r\n225\r\n226 cn = 0;\r\n227 for (; cn < comment_list_len; cn++)\r\n228 {\r\n229 length = AV_RL32(ptr);\r\n230 ptr += 4;\r\n231\r\n232 comment = ptr;\r\n233 (3) c = comment[length];\r\n234 comment[length] = 0; ...\r\n\r\n- -----------/\r\n\r\n\u53ef\u89c1\u5728(2)\u5904length\u53c2\u6570\u662f\u4ece\u6587\u4ef6\u6d41\u4e2d\u7684\u4f4d\u7f6e\u52a0\u8f7d\u7684\uff0c\u7136\u540e\u672a\u7ecf\u4efb\u4f55\u9a8c\u8bc1\u4fbf\u5728comment\u7f13\u51b2\u533a\u7d22\u5f15\u4e2d\u4f7f\u7528\uff0c\u8fd9\u53ef\u80fd\u89e6\u53d1\u6808\u6ea2\u51fa\uff0c\u5bfc\u81f4\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\n\nMPlayer MPlayer 1.0 rc2\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMPlayer\r\n-------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://www.mplayerhq.hu/MPlayer/patches/url_fix_20080120.diff target=_blank>http://www.mplayerhq.hu/MPlayer/patches/url_fix_20080120.diff</a>\r\n<a href=http://www.mplayerhq.hu/MPlayer/patches/demux_mov_fix_20080129.diff target=_blank>http://www.mplayerhq.hu/MPlayer/patches/demux_mov_fix_20080129.diff</a>\r\n<a href=http://www.mplayerhq.hu/MPlayer/patches/demux_audio_fix_20080129.diff target=_blank>http://www.mplayerhq.hu/MPlayer/patches/demux_audio_fix_20080129.diff</a>", "reporter": "Root", "published": "2008-02-14T00:00:00", "title": "MPlayer demux_audio.c\u8fdc\u7a0b\u6808\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2008-0486"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2008-02-14T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-2889", "id": "SSV:2889", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "", "status": "details"}], "gentoo": [{"lastseen": "2016-09-06T19:46:17", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1664", "https://bugs.gentoo.org/show_bug.cgi?id=208100", "https://bugs.gentoo.org/show_bug.cgi?id=209106", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0486", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1110"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.1.10.1", "packageName": "media-libs/xine-lib", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nxine-lib is the core library package for the xine media player. \n\n### Description\n\nDamian Frizza and Alfredo Ortega (Core Security Technologies) discovered a stack-based buffer overflow within the open_flac_file() function in the file demux_flac.c when parsing tags within a FLAC file (CVE-2008-0486). A buffer overflow when parsing ASF headers, which is similar to CVE-2006-1664, has also been discovered (CVE-2008-1110). \n\n### Impact\n\nA remote attacker could entice a user to play specially crafted FLAC or ASF video streams with a player using xine-lib, potentially resulting in the execution of arbitrary code with the privileges of the user running the player. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll xine-lib users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/xine-lib-1.1.10.1\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2008-02-26T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "xine-lib: User-assisted execution of arbitrary code", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0486", "CVE-2008-1110", "CVE-2006-1664"], "modified": "2008-03-03T00:00:00", "id": "GLSA-200802-12", "href": "https://security.gentoo.org/glsa/200802-12", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:01", "references": ["https://bugs.gentoo.org/show_bug.cgi?id=208566", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0485", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0629", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0630", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0486"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.0_rc2_p25993", "packageName": "media-video/mplayer", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nMPlayer is a media player incuding support for a wide range of audio and video formats. \n\n### Description\n\nThe following errors have been discovered in MPlayer: \n\n * Felipe Manzano and Anibal Sacco (Core Security Technologies) reported an array indexing error in the file libmpdemux/demux_mov.c when parsing MOV file headers (CVE-2008-0485).\n * Damian Frizza and Alfredo Ortega (Core Security Technologies) reported a boundary error in the file libmpdemux/demux_audio.c when parsing FLAC comments (CVE-2008-0486).\n * Adam Bozanich (Mu Security) reported boundary errors in the cddb_parse_matches_list() and cddb_query_parse() functions in the file stream_cddb.c when parsing CDDB album titles (CVE-2008-0629) and in the url_scape_string() function in the file stream/url.c when parsing URLS (CVE-2008-0630).\n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted file, possibly resulting in the execution of arbitrary code with the privileges of the user running MPlayer. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll MPlayer users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-video/mplayer-1.0_rc2_p25993\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2008-03-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "gentoo", "title": "MPlayer: Multiple buffer overflows", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0486", "CVE-2008-0630", "CVE-2008-0485", "CVE-2008-0629"], "modified": "2008-03-10T00:00:00", "id": "GLSA-200803-16", "href": "https://security.gentoo.org/glsa/200803-16", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2016-09-02T18:34:57", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "i686", "packageFilename": "libxine1_1.1.2+dfsg-6_i386.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg.orig", "arch": "src", "packageFilename": "xine-lib_1.1.2+dfsg.orig.tar.gz", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "hppa", "packageFilename": "libxine-dev_1.0.1-1sarge7_hppa.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "mips", "packageFilename": "libxine-dev_1.1.2+dfsg-6_mips.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "s390x", "packageFilename": "libxine-dev_1.1.2+dfsg-6_s390.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "ppc", "packageFilename": "libxine1_1.1.2+dfsg-6_powerpc.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "ia64", "packageFilename": "libxine1-dbg_1.1.2+dfsg-6_ia64.deb", "packageName": "libxine1-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1.orig", "arch": "src", "packageFilename": "xine-lib_1.0.1.orig.tar.gz", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "sparc", "packageFilename": "libxine1_1.0.1-1sarge7_sparc.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "s390x", "packageFilename": "libxine1_1.0.1-1sarge7_s390.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "arm", "packageFilename": "libxine1_1.0.1-1sarge7_arm.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "hppa", "packageFilename": "libxine1-dbg_1.1.2+dfsg-6_hppa.deb", "packageName": "libxine1-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "sparc", "packageFilename": "libxine-dev_1.1.2+dfsg-6_sparc.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "mips", "packageFilename": "libxine1-dbg_1.1.2+dfsg-6_mips.deb", "packageName": "libxine1-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "src", "packageFilename": "xine-lib_1.0.1-1sarge7.dsc", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "m68k", "packageFilename": "libxine1_1.0.1-1sarge7_m68k.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "sparc", "packageFilename": "libxine1-dbg_1.1.2+dfsg-6_sparc.deb", "packageName": "libxine1-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "hppa", "packageFilename": "libxine1_1.1.2+dfsg-6_hppa.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "s390x", "packageFilename": "libxine1-dbg_1.1.2+dfsg-6_s390.deb", "packageName": "libxine1-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "arm", "packageFilename": "libxine1_1.1.2+dfsg-6_arm.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "arm", "packageFilename": "libxine1-dbg_1.1.2+dfsg-6_arm.deb", "packageName": "libxine1-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "ppc", "packageFilename": "libxine-dev_1.1.2+dfsg-6_powerpc.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "src", "packageFilename": "xine-lib_1.1.2+dfsg-6.dsc", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "hppa", "packageFilename": "libxine-dev_1.1.2+dfsg-6_hppa.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "sparc", "packageFilename": "libxine1_1.1.2+dfsg-6_sparc.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "mipsel", "packageFilename": "libxine-dev_1.1.2+dfsg-6_mipsel.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "ia64", "packageFilename": "libxine-dev_1.0.1-1sarge7_ia64.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "i686", "packageFilename": "libxine1-dbg_1.1.2+dfsg-6_i386.deb", "packageName": "libxine1-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "mips", "packageFilename": "libxine1_1.0.1-1sarge7_mips.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "ia64", "packageFilename": "libxine1_1.0.1-1sarge7_ia64.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "mipsel", "packageFilename": "libxine1-dbg_1.1.2+dfsg-6_mipsel.deb", "packageName": "libxine1-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "hppa", "packageFilename": "libxine1_1.0.1-1sarge7_hppa.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "ia64", "packageFilename": "libxine-dev_1.1.2+dfsg-6_ia64.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "ppc", "packageFilename": "libxine1_1.0.1-1sarge7_powerpc.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "alpha", "packageFilename": "libxine1_1.0.1-1sarge7_alpha.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "mips", "packageFilename": "libxine1_1.1.2+dfsg-6_mips.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "i686", "packageFilename": "libxine-dev_1.0.1-1sarge7_i386.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "s390x", "packageFilename": "libxine-dev_1.0.1-1sarge7_s390.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "x86-64", "packageFilename": "libxine-dev_1.0.1-1sarge7_amd64.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7.diff", "arch": "src", "packageFilename": "xine-lib_1.0.1-1sarge7.diff.gz", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6.diff", "arch": "src", "packageFilename": "xine-lib_1.1.2+dfsg-6.diff.gz", "packageName": "xine-lib", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "x86-64", "packageFilename": "libxine1-dbg_1.1.2+dfsg-6_amd64.deb", "packageName": "libxine1-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "x86-64", "packageFilename": "libxine-dev_1.1.2+dfsg-6_amd64.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "i686", "packageFilename": "libxine1_1.0.1-1sarge7_i386.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "arm", "packageFilename": "libxine-dev_1.0.1-1sarge7_arm.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "m68k", "packageFilename": "libxine-dev_1.0.1-1sarge7_m68k.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "alpha", "packageFilename": "libxine-dev_1.1.2+dfsg-6_alpha.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "ppc", "packageFilename": "libxine-dev_1.0.1-1sarge7_powerpc.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "mipsel", "packageFilename": "libxine1_1.1.2+dfsg-6_mipsel.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "alpha", "packageFilename": "libxine1-dbg_1.1.2+dfsg-6_alpha.deb", "packageName": "libxine1-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "mipsel", "packageFilename": "libxine-dev_1.0.1-1sarge7_mipsel.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "x86-64", "packageFilename": "libxine1_1.0.1-1sarge7_amd64.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "ia64", "packageFilename": "libxine1_1.1.2+dfsg-6_ia64.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "alpha", "packageFilename": "libxine1_1.1.2+dfsg-6_alpha.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "s390x", "packageFilename": "libxine1_1.1.2+dfsg-6_s390.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "arm", "packageFilename": "libxine-dev_1.1.2+dfsg-6_arm.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "i686", "packageFilename": "libxine-dev_1.1.2+dfsg-6_i386.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "ppc", "packageFilename": "libxine1-dbg_1.1.2+dfsg-6_powerpc.deb", "packageName": "libxine1-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.1.2+dfsg-6", "arch": "x86-64", "packageFilename": "libxine1_1.1.2+dfsg-6_amd64.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "mipsel", "packageFilename": "libxine1_1.0.1-1sarge7_mipsel.deb", "packageName": "libxine1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "sparc", "packageFilename": "libxine-dev_1.0.1-1sarge7_sparc.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "mips", "packageFilename": "libxine-dev_1.0.1-1sarge7_mips.deb", "packageName": "libxine-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "1.0.1-1sarge7", "arch": "alpha", "packageFilename": "libxine-dev_1.0.1-1sarge7_alpha.deb", "packageName": "libxine-dev", "operator": "lt"}], "description": "Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2007-1246](<https://security-tracker.debian.org/tracker/CVE-2007-1246>) / [CVE-2007-1387](<https://security-tracker.debian.org/tracker/CVE-2007-1387>)\n\nThe DMO_VideoDecoder_Open function does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code (applies to sarge only).\n\n * [CVE-2008-0073](<https://security-tracker.debian.org/tracker/CVE-2008-0073>)\n\nArray index error in the sdpplin_parse function allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.\n\n * [CVE-2008-0486](<https://security-tracker.debian.org/tracker/CVE-2008-0486>)\n\nArray index vulnerability in libmpdemux/demux_audio.c might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow (applies to etch only).\n\n * [CVE-2008-1161](<https://security-tracker.debian.org/tracker/CVE-2008-1161>)\n\nBuffer overflow in the Matroska demuxer allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.\n\nFor the old stable distribution (sarge), these problems have been fixed in version 1.0.1-1sarge7.\n\nFor the stable distribution (etch), these problems have been fixed in version 1.1.2+dfsg-6.\n\nFor the unstable distribution (sid), these problems have been fixed in version 1.1.11-1.\n\nWe recommend that you upgrade your xine-lib package.", "edition": 1, "reporter": "Debian", "published": "2008-03-31T00:00:00", "title": "libxine -- several vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0073", "CVE-2008-0486", "CVE-2007-1246", "CVE-2008-1161", "CVE-2007-1387"], "modified": "2008-03-31T00:00:00", "id": "DSA-1536", "href": "http://www.debian.org/security/dsa-1536", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-02T18:19:43", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "s390x", "packageFilename": "mplayer_1.0~rc1-12etch2_s390.deb", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "src", "packageFilename": "mplayer_1.0~rc1-12etch2.dsc", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "alpha", "packageFilename": "mplayer_1.0~rc1-12etch2_alpha.deb", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "arm", "packageFilename": "mplayer_1.0~rc1-12etch2_arm.deb", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1.orig", "arch": "src", "packageFilename": "mplayer_1.0~rc1.orig.tar.gz", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "i686", "packageFilename": "mplayer_1.0~rc1-12etch2_i386.deb", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "mips", "packageFilename": "mplayer_1.0~rc1-12etch2_mips.deb", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "all", "packageFilename": "mplayer-doc_1.0~rc1-12etch2_all.deb", "packageName": "mplayer-doc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "ppc", "packageFilename": "mplayer_1.0~rc1-12etch2_powerpc.deb", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "hppa", "packageFilename": "mplayer_1.0~rc1-12etch2_hppa.deb", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "mipsel", "packageFilename": "mplayer_1.0~rc1-12etch2_mipsel.deb", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "ia64", "packageFilename": "mplayer_1.0~rc1-12etch2_ia64.deb", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2.diff", "arch": "src", "packageFilename": "mplayer_1.0~rc1-12etch2.diff.gz", "packageName": "mplayer", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "1.0~rc1-12etch2", "arch": "x86-64", "packageFilename": "mplayer_1.0~rc1-12etch2_amd64.deb", "packageName": "mplayer", "operator": "lt"}], "description": "Several buffer overflows have been discovered in the MPlayer movie player, which might lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2008-0485](<https://security-tracker.debian.org/tracker/CVE-2008-0485>)\n\nFelipe Manzano and Anibal Sacco discovered a buffer overflow in the demuxer for MOV files.\n\n * [CVE-2008-0486](<https://security-tracker.debian.org/tracker/CVE-2008-0486>)\n\nReimar Doeffinger discovered a buffer overflow in the FLAC header parsing.\n\n * [CVE-2008-0629](<https://security-tracker.debian.org/tracker/CVE-2008-0629>)\n\nAdam Bozanich discovered a buffer overflow in the CDDB access code.\n\n * [CVE-2008-0630](<https://security-tracker.debian.org/tracker/CVE-2008-0630>)\n\nAdam Bozanich discovered a buffer overflow in URL parsing.\n\nThe old stable distribution (sarge) doesn't contain mplayer.\n\nFor the stable distribution (etch), these problems have been fixed in version 1.0~rc1-12etch2.\n\nWe recommend that you upgrade your mplayer packages.", "edition": 1, "reporter": "Debian", "published": "2008-02-12T00:00:00", "title": "mplayer -- buffer overflows", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2008-0486", "CVE-2008-0630", "CVE-2008-0485", "CVE-2008-0629"], "modified": "2008-02-12T00:00:00", "id": "DSA-1496", "href": "http://www.debian.org/security/dsa-1496", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:35", "references": ["http://secunia.com/advisories/28779"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "0.99.11_2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mplayer-gtk", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "0.99.11_2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mplayer-gtk2-esound", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "0.99.11_2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mplayer", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "0.99.11_2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mplayer-gtk2", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "0.99.11_2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mplayer-gtk-esound", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "0.99.11_2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "mplayer-esound", "operator": "lt"}], "description": "\nThe Mplayer team reports:\n\nA buffer overflow was found in the code used to extract album\n\t titles from CDDB server answers. When parsing answers from the\n\t CDDB server, the album title is copied into a fixed-size buffer\n\t with insufficient size checks, which may cause a buffer overflow.\n\t A malicious database entry could trigger a buffer overflow in the\n\t program. That can lead to arbitrary code execution with the UID of\n\t the user running MPlayer.\nA buffer overflow was found in the code used to escape URL\n\t strings. The code used to skip over IPv6 addresses can be tricked\n\t into leaving a pointer to a temporary buffer with a non-NULL value;\n\t this causes the unescape code to reuse the buffer, and may lead to\n\t a buffer overflow if the old buffer is smaller than required.\n\t A malicious URL string may be used to trigger a buffer overflow in\n\t the program, that can lead to arbitrary code execution with the UID\n\t of the user running MPlayer.\nA buffer overflow was found in the code used to parse MOV file\n\t headers. The code read some values from the file and used them as\n\t indexes into as array allocated on the heap without performing any\n\t boundary check. A malicious file may be used to trigger a buffer\n\t overflow in the program. That can lead to arbitrary code execution\n\t with the UID of the user running MPlayer.\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2008-02-05T00:00:00", "title": "mplayer -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2008-0486", "CVE-2008-0630", "CVE-2008-0485", "CVE-2008-0629"], "modified": "2008-02-05T00:00:00", "id": "DE4D4110-EBCE-11DC-AE14-0016179B2DD5", "href": "https://vuxml.freebsd.org/freebsd/de4d4110-ebce-11dc-ae14-0016179b2dd5.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:58", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2008-1482", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-1878", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-1686", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-0225", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-1161", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-1110", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-0486", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-0073", "https://people.canonical.com/~ubuntu-security/cve/CVE-2008-0238"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "1.1.1+ubuntu2-7.9", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxine-main1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "1.1.11.1-1ubuntu3.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxine1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.04", "packageVersion": "1.1.4-2ubuntu3.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxine-main1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "7.10", "packageVersion": "1.1.7-1ubuntu1.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxine1", "operator": "lt"}], "description": "Alin Rad Pop discovered an array index vulnerability in the SDP parser. If a user or automated system were tricked into opening a malicious RTSP stream, a remote attacker may be able to execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-0073)\n\nLuigi Auriemma discovered that xine-lib did not properly check buffer sizes in the RTSP header-handling code. If xine-lib opened an RTSP stream with crafted SDP attributes, a remote attacker may be able to execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-0225, CVE-2008-0238)\n\nDamian Frizza and Alfredo Ortega discovered that xine-lib did not properly validate FLAC tags. If a user or automated system were tricked into opening a crafted FLAC file, a remote attacker may be able to execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-0486)\n\nIt was discovered that the ASF demuxer in xine-lib did not properly check the length if the ASF header. If a user or automated system were tricked into opening a crafted ASF file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-1110)\n\nIt was discovered that the Matroska demuxer in xine-lib did not properly verify frame sizes. If xine-lib opened a crafted ASF file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-1161)\n\nLuigi Auriemma discovered multiple integer overflows in xine-lib. If a user or automated system were tricked into opening a crafted FLV, MOV, RM, MVE, MKV or CAK file, a remote attacker may be able to execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-1482)\n\nIt was discovered that xine-lib did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service or possibly execute arbitrary code as the user invoking the program. (CVE-2008-1686)\n\nGuido Landi discovered a stack-based buffer overflow in xine-lib when processing NSF files. If xine-lib opened a specially crafted NSF file with a long NSF title, an attacker could create a denial of service or possibly execute arbitrary code as the user invoking the program. (CVE-2008-1878)", "edition": 3, "reporter": "Ubuntu", "published": "2008-08-06T00:00:00", "title": "xine-lib vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2008-0073", "CVE-2008-0486", "CVE-2008-0238", "CVE-2008-1110", "CVE-2008-1878", "CVE-2008-1686", "CVE-2008-0225", "CVE-2008-1161", "CVE-2008-1482"], "modified": "2008-08-06T00:00:00", "id": "USN-635-1", "href": "https://usn.ubuntu.com/635-1/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
