FreeBSD : libxine -- multiple vulnerabilities in VideoCD handling (b6939d5b-64a1-11d9-9106-000a95bc6fae)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

A xine security announcement states :

Several string overflows on the stack have been fixed in xine-lib,
some of them can be used for remote buffer overflow exploits leading
to the execution of arbitrary code with the permissions of the user
running a xine-lib based media application.

Stack-based string overflows have been found :

- in the code which handles VideoCD MRLs

- in VideoCD code reading the disc label

- in the code which parses text subtitles and prepares them for
display

See also :

http://www.nessus.org/u?21259b72
http://www.nessus.org/u?d2d3bd6f

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 19094 (freebsd_pkg_b6939d5b64a111d99106000a95bc6fae.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now