This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability in the Speex library was found where it did not
properly validate input values read from the Speex files headers. An
attacker could create a malicious Speex file that would crash an
application or potentially allow the execution of arbitrary code with
the privileges of the application calling the Speex library
Xine-lib is similarly affected by this issue.
As well, the previous version of xine as provided in Mandriva Linux
2008.1 would crash when playing matroska files, and a regression was
introduced that prevented Amarok from playing m4a files.
The updated packages have been patched to correct this issue.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false