Test Kennung:	1.3.6.1.4.1.25623.1.0.56743
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDKSA-2006:085 (xine-ui)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to xine-ui announced via advisory MDKSA-2006:085. Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file. Packages have been patched to correct this issue. Affected: 2006.0, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:085 Risk factor : High CVSS Score: 7.5
Querverweis:	BugTraq ID: 17579 Common Vulnerability Exposure (CVE) ID: CVE-2006-1905 http://www.securityfocus.com/bid/17579 Bugtraq: 20060418 Remote Xine Format String Vulnerability (Google Search) http://www.securityfocus.com/archive/1/431251/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200604-15.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:085 http://open-security.org/advisories/16 http://www.osvdb.org/24747 http://securitytracker.com/id?1015959 http://secunia.com/advisories/19671 http://secunia.com/advisories/19854 http://secunia.com/advisories/20066 SuSE Security Announcement: SUSE-SA:2006:025 (Google Search) http://www.novell.com/linux/security/advisories/2006_05_05.html http://www.vupen.com/english/advisories/2006/1432 XForce ISS Database: xine-playlist-format-string(25851) https://exchange.xforce.ibmcloud.com/vulnerabilities/25851
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.