Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Gentoo: GLSA-200802-12 Alert: xine-lib Buffer Overflow Issue Found

gentoo
Calendar Grey February 26, 2008
Dist Gentoo Esm H88
A serious xine-lib vulnerability has been found in Gentoo Linux, allowing attackers to execute arbitrary code on affected systems if exploited by users.
xine-lib is vulnerable to multiple buffer overflows when processing FLAC and ASF streams.

Summary

Gentoo Linux Security Advisory GLSA 200802-12 https://security.gentoo.org/ Severity: Normal Title: xine-lib: User-assisted execution of arbitrary code Date: February 26, 2008 Bugs: #209106, #208100 ID: 200802-12

Synopsis ======= xine-lib is vulnerable to multiple buffer overflows when processing FLAC and ASF streams.
Background ========= xine-lib is the core library package for the xine media player.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/xine-lib < 1.1.10.1 >= 1.1.10.1
========== Damian Frizza and Alfredo Ortega (Core Security Technologies) discovered a stack-based buffer overflow within the open_flac_file() function in the file demux_flac.c...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory Gentoo buffer overflow arbitrary code xine-lib normal severity user execution

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory Gentoo buffer overflow arbitrary code xine-lib normal severity user execution

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here