FreeBSD : libxine -- multiple vulnerabilities in VideoCD handling (b6939d5b-64a1-11d9-9106-000a95bc6fae)

High Nessus Plugin ID 19094


The remote FreeBSD host is missing a security-related update.


A xine security announcement states :

Several string overflows on the stack have been fixed in xine-lib, some of them can be used for remote buffer overflow exploits leading to the execution of arbitrary code with the permissions of the user running a xine-lib based media application.

Stack-based string overflows have been found :

- in the code which handles VideoCD MRLs

- in VideoCD code reading the disc label

- in the code which parses text subtitles and prepares them for display


Update the affected package.

See Also

Plugin Details

Severity: High

ID: 19094

File Name: freebsd_pkg_b6939d5b64a111d99106000a95bc6fae.nasl

Version: $Revision: 1.10 $

Type: local

Published: 2005/07/13

Modified: 2013/08/09

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:libxine, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2005/01/12

Vulnerability Publication Date: 2004/09/07