Fedora 8 : xine-lib-1.1.15-1.fc8 (2008-7572)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

This release fixes multiple bugs and security issues: - DoS via
corrupted Ogg files (CVE-2008-3231) - multiple possible buffer
overflows detailed in oCERT-2008-008 For more details, see:
http://sourceforge.net/project/shownotes.php?release_id=619869&group_i
d=9655 http://www.ocert.org/advisories/ocert-2008-008.html NOTE: A
coordinated release with 3rd-party repos was not possible, so this
update may result in dependency issues with currently-installed
xine-lib-extras-* rpms. This temporary problem will be rectified asap.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?3d83ed04
http://www.ocert.org/advisories/ocert-2008-008.html
https://bugzilla.redhat.com/show_bug.cgi?id=456057
http://www.nessus.org/u?e4db7ea1

Solution :

Update the affected xine-lib package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now