FreeBSD : xine -- multiple remote string vulnerabilities (8d4ae57d-d2ab-11da-a672-000e0c2e438a)
High Nessus Plugin ID 21471
SynopsisThe remote FreeBSD host is missing a security-related update.
Descriptionc0ntexb reports :
There are 2 format string bugs in the latest version of Xine that could be exploited by a malicious person to execute code on the system of a remote user running the media player against a malicious playlist file. By passing a format specifier in the path of a file that is embedded in a remote playlist, it is possible to trigger this bug.
SolutionUpdate the affected package.