14 matches found
Mandriva Update for mplayer MDVSA-2008:045 (mplayer)
Check for the Version of mplayer OpenVAS Vulnerability Test Mandriva Update for mplayer MDVSA-2008:045 mplayer Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Gentoo Security Advisory GLSA 200801-12 (xine-lib)
The remote host is missing updates announced in advisory GLSA 200801-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD Ports: libxine
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian Security Advisory DSA 1472-1 (xine-lib)
The remote host is missing an update to xine-lib announced via advisory DSA 1472-1. OpenVAS Vulnerability Test $Id: deb14721.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1472-1 xine-lib Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian: Security Advisory (DSA-1472-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 10 Security Update : xine-devel (xine-devel-4916)
Specially crafted rtsp-Streams could cause a buffer overflow in xine. Attackers could potentially exploit that to execute arbitrary code CVE-2008-0225. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...
SuSE 10 Security Update : xine (ZYPP Patch Number 4926)
Specially crafted rtsp-Streams could cause a buffer overflow in xine. Attackers could potentially exploit that to execute arbitrary code. CVE-2008-0225 Additionally a security update of xorg-x11 revealed a bug in xine-ui. The xine user interface didn't display properly due to that. %NASLMINLEVEL...
Debian DSA-1472-1 : xine-lib - buffer overflow
Luigi Auriemma discovered that the Xine media player library performed insufficient input sanitising during the handling of RTSP streams, which could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...
[SECURITY] [DSA 1472-1] New xine-lib packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1472-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 21, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1472-1] New xine-lib packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1472-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 21, 2008 http://www.debian.org/security/faq -...
FreeBSD : libxine -- buffer overflow vulnerability (02eedd3c-c6b5-11dc-93b6-000e35248ad7)
xine project reports : A new xine-lib version is now available. This release contains a security fix remotely-exploitable buffer overflow, CVE-2008-0225. It also contains a read-past-end fix for an internal library function which is only used if the OS does not supply it and a rendering fix for...
Heap overflow
Multiple heap-based buffer overflows in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP 1 Title, 2 Author, or 3 Copyright attribute, related to the rmffdumpheader function, different vectors than CVE-2008-0225. NOTE:...
CVE-2008-0225
CVE-2008-0225 is a vulnerability in xine-lib up to version 1.1.9 where a heap-based buffer overflow in rmff_dump_cont (rmff.c) can be triggered via the SDP Abstract attribute in an RTSP session. The root cause is the code path that disregards the max field in rmff_dump_header, leading to potentia...
libxine -- buffer overflow vulnerability
xine project reports: A new xine-lib version is now available. This release contains a security fix remotely-expoitable buffer overflow, CVE-2008-0225. It also contains a read-past-end fix for an internal library function which is only used if the OS does not supply it and a rendering fix for...