12 matches found
Slackware: Security Advisory (SSA:2007-109-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-433-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200705-21 (mplayer)
The remote host is missing updates announced in advisory GLSA 200705-21. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
mplayer -- DMO File Parsing Buffer Overflow Vulnerability
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian Security Advisory DSA 1536-1 (xine-lib)
The remote host is missing an update to xine-lib announced via advisory DSA 1536-1. OpenVAS Vulnerability Test $Id: deb15361.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1536-1 xine-lib Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian DSA-1536-1 : libxine - several vulnerabilities
Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content. The Common Vulnerabilities and Exposures project identifies the following problems : -...
[SECURITY] [DSA 1536-1] New libxine packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1536-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 31, 2008 http://www.debian.org/security/faq -...
SuSE 10 Security Update : xine-lib (ZYPP Patch Number 2988)
The DirectShow loader uses wrong parameters in the memcpy function call which leads to a buffer overflow. CVE-2007-1246 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
openSUSE 10 Security Update : xine-lib (xine-lib-2989)
The DirectShow loader uses wrong parameters in the memcpy function call which leads to a buffer overflow. CVE-2007-1246 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
[slackware-security] xine-lib
New xine-lib packages are available for Slackware 10.0, 10.1, 10.2, 11.0, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2007-1246 Here are the details from the Slackware 11.0...
CVE-2007-1246
The DMOVideoDecoderOpen function in loader/dmo/DMOVideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerabilit...
CVE-2007-1246
The CVE-2007-1246 issue affects MPlayer prior to/including 1.0rc1 (as used in xine-lib). The vulnerability resides in DMO_VideoDecoder_Open (loader/dmo/DMO_VideoDecoder.c) where biSize is not set before a memcpy, enabling a user‑assisted remote attacker to trigger a buffer overflow and potentiall...