GLSA-200612-02 : xine-lib: Buffer overflow
High Nessus Plugin ID 23796
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200612-02 (xine-lib: Buffer overflow)
A possible buffer overflow has been reported in the Real Media input plugin.
An attacker could exploit this vulnerability by enticing a user into loading a specially crafted stream with xine or an application using xine-lib. This can lead to a Denial of Service and possibly the execution of arbitrary code with the rights of the user running the application.
There is no known workaround at this time.
SolutionAll xine-lib users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/xine-lib-1.1.2-r3'