Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.53053
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2005-65 (xine-lib)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to xine-lib
announced via advisory TLSA-2005-65.

The xine engine is a free media player engine. It comes in the
form of a shared libarary and is typically used by media player
frontends and other multimedia applications for playback of
multimedia streams such as movies, radio/tv network streams, DVDs,
VCDs.

Multiple heap-based buffer overflows vulnerabilities exist in the
handling of MMS over TCP (MMST) streams or RealMedia RTSP streams
in xine-lib.

These vulnerabilities may allow attackers to execute arbitrary
code via malformed multimedia files.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-65

Risk factor : High

CVSS Score:
7.5

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2005-1195
BugTraq ID: 13271
http://www.securityfocus.com/bid/13271
Bugtraq: 20050421 [PLSN-0003] - Remote exploits in MPlayer (Google Search)
http://www.securityfocus.com/archive/1/396703
Bugtraq: 20050421 xine security announcement: multiple heap overflows in MMS and Real RTSP streaming clients (Google Search)
http://seclists.org/lists/bugtraq/2005/Apr/0337.html
http://www.gentoo.org/security/en/glsa/glsa-200504-19.xml
http://www.osvdb.org/15711
http://www.osvdb.org/15712
http://securitytracker.com/id?1013771
http://secunia.com/advisories/15014
XForce ISS Database: mplayer-mmst-stream-bo(20175)
https://exchange.xforce.ibmcloud.com/vulnerabilities/20175
XForce ISS Database: mplayer-rtsp-stream-bo(20171)
https://exchange.xforce.ibmcloud.com/vulnerabilities/20171
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.