This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
An integer overflow flaw, leading to arbitrary memory writes, was
found in libvpx. An attacker could create a specially-crafted video
encoded using the VP8 codec that, when played by a victim with an
application using libvpx (such as Totem), would cause the application
to crash or, potentially, execute arbitrary code. (CVE-2010-4203)
After installing the update, all applications using libvpx must be
restarted for the changes to take effect.
See also :
Update the affected libvpx, libvpx-devel and / or libvpx-utils
Risk factor :
High / CVSS Base Score : 9.3
Family: Scientific Linux Local Security Checks
Nessus Plugin ID: 60926 ()
CVE ID: CVE-2010-4203