xine-lib

Alin Rad Pop found an array index vulnerability in the SDP parser
of xine-lib. If a user or automated system were tricked into opening
a malicious RTSP stream, a remote attacker could possibly execute
arbitrary code with the privileges of the user using the program
(CVE-2008-0073).

The ASF demuxer in xine-lib did not properly check the length of
ASF headers. If a user was tricked into opening a crafted ASF file,
a remote attacker could possibly cause a denial of service or execute
arbitrary code with the privileges of the user using the program
(CVE-2008-1110).

The Matroska demuxer in xine-lib did not properly verify frame sizes,
which could possibly lead to the execution of arbitrary code if a
user opened a crafted ASF file (CVE-2008-1161).

Luigi Auriemma found multiple integer overflows in xine-lib. If a
user was tricked into opening a crafted FLV, MOV, RM, MVE, MKV, or
CAK file, a remote attacker could possibly execute arbitrary code
with the privileges of the user using the program (CVE-2008-1482).

Guido Landi found a stack-based buffer overflow in xine-lib
that could allow a remote attacker to cause a denial of service
(crash) and potentially execute arbitrary code via a long NSF title
(CVE-2008-1878).

The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cg ... -2008-0073
http://cve.mitre.org/cgi-bin/cvename.cg ... -2008-1110
http://cve.mitre.org/cgi-bin/cvename.cg ... -2008-1161
http://cve.mitre.org/cgi-bin/cvename.cg ... -2008-1482
http://cve.mitre.org/cgi-bin/cvename.cg ... -2008-1878
_______________________________________________________________________