FreeBSD : libxine -- buffer overflow vulnerability (107e2ee5-f941-11da-b1fa-020039488e34)
Medium Nessus Plugin ID 21700
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionA Secunia Advisory reports :
Federico L. Bossi Bonin has discovered a weakness in xine-lib, which can be exploited by malicious people to crash certain applications on a user's system.
The weakness is cause due to a heap corruption within the 'xineplug_inp_http.so' plugin when handling an overly large reply from the HTTP server. This can be exploited to crash an application that uses the plugin (e.g. gxine).
SolutionUpdate the affected package.