Oracle Linux 4 : HelixPlayer (ELSA-2007-0605)
High Nessus Plugin ID 67538
SynopsisThe remote Oracle Linux host is missing a security update.
DescriptionFrom Red Hat Security Advisory 2007:0605 :
An updated HelixPlayer package that fixes a buffer overflow flaw is now available.
This update has been rated as having critical security impact by the Red Hat Security Response Team.
HelixPlayer is a media player.
A buffer overflow flaw was found in the way HelixPlayer processed Synchronized Multimedia Integration Language (SMIL) files. It was possible for a malformed SMIL file to execute arbitrary code with the permissions of the user running HelixPlayer. (CVE-2007-3410)
All users of HelixPlayer are advised to upgrade to this updated package, which contains a backported patch and is not vulnerable to this issue.
SolutionUpdate the affected helixplayer package.