This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
An array index vulnerability found in the FLAC audio demuxer might
allow remote attackers to execute arbitrary code via a crafted FLAC
tag, which triggers a buffer overflow. Although originally an MPlayer
issue, it also affects xine-lib due to code similarity.
The updated packages have been patched to prevent this issue.
The previous update used a bad patch which made Amarok interface very
unresponsive while playing FLAC files. This new update fixes the
security issue with a better patch.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
Public Exploit Available : true
Family: Mandriva Local Security Checks
Nessus Plugin ID: 36358 (mandriva_MDVSA-2008-046.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now