Mandrake Linux Security Advisory : xine-lib (MDKSA-2006:121)
Medium Nessus Plugin ID 22042
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionStack-based buffer overflow in MiMMS 0.0.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_data, and (4) get_media_packet functions, and possibly other functions. Xine-lib contains an embedded copy of the same vulnerable code.
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.