LinuxSecurity.com
Mandriva: xine-lib
Posted by Benjamin D. Thomas
Summary: vulnerabilities have been discovered and corrected in xine-lib (CVE-2008-5248, CVE-2009-1274, CVE-2009-0698); the full Mandriva advisory follows.
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:298
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : xine-lib
 Date    : November 13, 2009
 Affected: Corporate 3.0
 _______________________________________________________________________

 Problem Description:

 Vulnerabilities have been discovered and corrected in xine-lib:
 
 - xine-lib before 1.1.15 allows remote attackers to cause a denial
 of service (crash) via mp3 files with metadata consisting only of
 separators (CVE-2008-5248)
 
 - Integer overflow in the qt_error parse_trak_atom function in
 demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote
 attackers to execute arbitrary code via a Quicktime movie file with a
 large count value in an STTS atom, which triggers a heap-based buffer
 overflow (CVE-2009-1274)
 
 - Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c)
 in xine-lib 1.1.16.1 allows remote attackers to cause a denial of
 service (crash) and possibly execute arbitrary code via a 4X movie
 file with a large current_track value, a similar issue to CVE-2009-0385
 (CVE-2009-0698)
 
 This update fixes these issues.
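The second and third items above are the same bug class: a 32-bit count or index read from the file is trusted when sizing or indexing a heap buffer, so an attacker-chosen large value either wraps the size computation or walks off the end of the table. The following C example is added here for illustration; it is not xine-lib's code and its STTS-style layout (version/flags, big-endian entry count, then entries of two big-endian 32-bit fields) is an assumption of the example. It shows the wrapping size computation beside a parser that bounds the count both by the arithmetic and by the bytes the atom actually carries.

```c
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

/* Hypothetical time-to-sample entry (two 32-bit fields, 8 bytes). */
typedef struct {
    uint32_t sample_count;
    uint32_t sample_delta;
} stts_entry_t;

typedef struct {
    uint32_t      count;
    stts_entry_t *entries;
} stts_table_t;

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* The weak pattern: the allocation size is derived from a file-controlled
 * 32-bit count and computed in 32-bit arithmetic, so a large count wraps
 * to a small number while a later copy loop still trusts the count.
 * This helper only computes the size and never allocates or copies, so
 * the wrap can be observed without touching memory. */
uint32_t vulnerable_table_bytes(uint32_t count) {
    uint32_t bytes = count * (uint32_t)sizeof(stts_entry_t);  /* wraps mod 2^32 */
    return bytes;
}

/* Hardened parser: the count must fit the arithmetic (check 1) and the
 * atom must really contain that many entries (check 2) before anything
 * is allocated. Returns 0 on success, a negative code otherwise. */
int parse_stts_safe(const uint8_t *atom, size_t atom_len, stts_table_t *out) {
    const size_t header = 8;                    /* version/flags + entry count */
    if (atom_len < header) return -1;
    uint32_t count = be32(atom + 4);

    if (count > SIZE_MAX / sizeof(stts_entry_t)) return -2;               /* check 1 */
    if ((size_t)count > (atom_len - header) / sizeof(stts_entry_t)) return -3; /* check 2 */

    stts_entry_t *e = count ? calloc(count, sizeof *e) : NULL;
    if (count && !e) return -4;
    for (uint32_t i = 0; i < count; i++) {
        const uint8_t *p = atom + header + (size_t)i * sizeof(stts_entry_t);
        e[i].sample_count = be32(p);
        e[i].sample_delta = be32(p + 4);
    }
    out->count = count;
    out->entries = e;
    return 0;
}

/* Constructed sample: a well-formed table with two entries. */
static const uint8_t GOOD_ATOM[] = {
    0, 0, 0, 0,                 /* version/flags */
    0, 0, 0, 2,                 /* entry count = 2 */
    0, 0, 0, 10,  0, 0, 4, 0,   /* entry 0: 10 samples, delta 1024 */
    0, 0, 0, 5,   0, 0, 2, 0,   /* entry 1: 5 samples, delta 512 */
};

/* Constructed sample: claims 0xFFFFFFFF entries but carries only one. */
static const uint8_t BAD_ATOM[] = {
    0, 0, 0, 0,
    0xFF, 0xFF, 0xFF, 0xFF,
    0, 0, 0, 1,   0, 0, 0, 1,
};

/* Small wrappers that return plain values for checking. */
int good_atom_entry_count(void) {
    stts_table_t t = {0, NULL};
    if (parse_stts_safe(GOOD_ATOM, sizeof GOOD_ATOM, &t) != 0) return -1;
    int n = (int)t.count;
    free(t.entries);
    return n;
}

uint32_t good_atom_delta(uint32_t i) {
    stts_table_t t = {0, NULL};
    if (parse_stts_safe(GOOD_ATOM, sizeof GOOD_ATOM, &t) != 0) return 0;
    uint32_t d = i < t.count ? t.entries[i].sample_delta : 0;
    free(t.entries);
    return d;
}

int bad_atom_result(void) {
    stts_table_t t = {0, NULL};
    return parse_stts_safe(BAD_ATOM, sizeof BAD_ATOM, &t);  /* rejected by check 1 or 2 */
}

int main(void) {
    printf("count 0x20000001 -> %u bytes (wrapped)\n", vulnerable_table_bytes(0x20000001u));
    printf("good atom: %d entries, delta[1]=%u\n", good_atom_entry_count(), good_atom_delta(1));
    printf("bad atom: rc=%d\n", bad_atom_result());
    return 0;
}
```

Which of the two checks fires on the oversized atom depends on the width of `size_t`: on a 64-bit build the arithmetic check passes and the length check rejects it, on a 32-bit build the arithmetic check rejects it first. Both are needed, since a count that survives the multiplication can still exceed the data present in the file.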
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5248
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1274
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0698
 _______________________________________________________________________

 Updated Packages:

 Corporate 3.0:
 47002044e449dde281941081839c6fa9  corporate/3.0/i586/libxine1-1-0.rc3.6.18.C30mdk.i586.rpm
 0abdd642e1014e67f83445818c69d666  corporate/3.0/i586/libxine1-devel-1-0.rc3.6.18.C30mdk.i586.rpm
 2190418670c91e44a8b48fe1c29afaa5  corporate/3.0/i586/xine-aa-1-0.rc3.6.18.C30mdk.i586.rpm
 95a464b49a559cbc57eee48ae37224b9  corporate/3.0/i586/xine-arts-1-0.rc3.6.18.C30mdk.i586.rpm
 e95764e9cec627b27b416e001e7e7482  corporate/3.0/i586/xine-dxr3-1-0.rc3.6.18.C30mdk.i586.rpm
 8829d42bc844675045b6153fe36021f1  corporate/3.0/i586/xine-esd-1-0.rc3.6.18.C30mdk.i586.rpm
 7c5d8aea1c07df147cb4ae9b9a0c5464  corporate/3.0/i586/xine-flac-1-0.rc3.6.18.C30mdk.i586.rpm
 136374c1cf768fd20bd16384a43d2677  corporate/3.0/i586/xine-gnomevfs-1-0.rc3.6.18.C30mdk.i586.rpm
 0566b33424cf000e5c708fa3b4114f03  corporate/3.0/i586/xine-plugins-1-0.rc3.6.18.C30mdk.i586.rpm 
 2a3fd8d1416bcdb149ae0176b024894d  corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.18.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 5bae0dd040512b8ca9192623241e25ff  corporate/3.0/x86_64/lib64xine1-1-0.rc3.6.18.C30mdk.x86_64.rpm
 5c7e07610511ae684a31ce859c8ebcf6  corporate/3.0/x86_64/lib64xine1-devel-1-0.rc3.6.18.C30mdk.x86_64.rpm
 f7431390bbd6b04bd7e1c6d684c033e1  corporate/3.0/x86_64/xine-aa-1-0.rc3.6.18.C30mdk.x86_64.rpm
 094905da7c51e1d15d9af52735a8b8e1  corporate/3.0/x86_64/xine-arts-1-0.rc3.6.18.C30mdk.x86_64.rpm
 5490e9cc4ca21c0f00dbe1d097f00232  corporate/3.0/x86_64/xine-esd-1-0.rc3.6.18.C30mdk.x86_64.rpm
 e144fea85dcfc1749dff42824c66eb40  corporate/3.0/x86_64/xine-flac-1-0.rc3.6.18.C30mdk.x86_64.rpm
 276d7b3f1d16c3bb730124b483edcc40  corporate/3.0/x86_64/xine-gnomevfs-1-0.rc3.6.18.C30mdk.x86_64.rpm
 a638804b41ab4fec8bb16118da7e19fe  corporate/3.0/x86_64/xine-plugins-1-0.rc3.6.18.C30mdk.x86_64.rpm 
 2a3fd8d1416bcdb149ae0176b024894d  corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.18.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
(c)Copyright 2012 Guardian Digital, Inc. All rights reserved.