This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Multiple vulnerabilities were fixed in libxine 18.104.22.168.
Tobias Klein reports :
FFmpeg contains a type conversion vulnerability while parsing
malformed 4X movie files. The vulnerability may be exploited by a
(remote) attacker to execute arbitrary code in the context of FFmpeg
or an application using the FFmpeg library.
Note: A similar issue also affects xine-lib < version 22.214.171.124.
xine developers report :
- Fix broken size checks in various input plugins (ref.
- More malloc checking (ref. CVE-2008-5240).
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 9.3
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 38803 (freebsd_pkg_51d1d42842f011dead22000e35248ad7.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now