Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Gentoo Linux: 200801-12 Alert: xine-lib Heap Overflow Exploit

gentoo
Calendar Grey January 27, 2008
Dist Gentoo Esm H88
The advisory GLSA-200801-12 from Gentoo highlights a vulnerability in xine-lib, specifically related to a buffer overflow that can occur when handling RTSP streams.
xine-lib is vulnerable to multiple heap-based buffer overflows when processing RTSP streams.

Summary

Gentoo Linux Security Advisory GLSA 200801-12 https://security.gentoo.org/ Severity: Normal Title: xine-lib: User-assisted execution of arbitrary code Date: January 27, 2008 Bugs: #205197 ID: 200801-12

Synopsis ======= xine-lib is vulnerable to multiple heap-based buffer overflows when processing RTSP streams.
Background ========= xine-lib is the core library package for the xine media player.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/xine-lib < 1.1.9.1 >= 1.1.9.1
========== Luigi Auriemma reported that xine-lib does not properly check boundaries when processing SDP attributes of RTSP streams, leading to heap-based buffer overflows.
Impact ===...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo arbitrary code execution heap overflow xine-lib RTSP streams

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo arbitrary code execution heap overflow xine-lib RTSP streams

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here