FreeBSD : libxine -- multiple buffer overflows in RTSP (1b70bef4-649f-11d9-a30e-000a95bc6fae)
Critical Nessus Plugin ID 18856
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionA xine security announcement states :
Multiple vulnerabilities have been found and fixed in the Real-Time Streaming Protocol (RTSP) client for RealNetworks servers, including a series of potentially remotely exploitable buffer overflows. This is a joint advisory by the MPlayer and xine teams as the code in question is common to these projects.
Severity: High (arbitrary remote code execution under the user ID running the player) when playing Real RTSP streams. At this time, there is no known exploit for these vulnerabilities.
SolutionUpdate the affected packages.