Scientific Linux Security Update : libvorbis on SL5.x, SL4.x, SL3.x i386/x86_64
Medium Nessus Plugin ID 60252
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSeveral flaws were found in the way libvorbis processed audio data. An attacker could create a carefully crafted OGG audio file in such a way that it could cause an application linked with libvorbis to crash or execute arbitrary code when it was opened. (CVE-2007-3106, CVE-2007-4029, CVE-2007-4065, CVE-2007-4066)
SolutionUpdate the affected libvorbis and / or libvorbis-devel packages.