Turbolinux Local Security Tests : Turbolinux TLSA-2005-65 (xine-lib)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.53053

Categoría: Turbolinux Local Security Tests

Título: Turbolinux TLSA-2005-65 (xine-lib)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to xine-lib
announced via advisory TLSA-2005-65.

The xine engine is a free media player engine. It comes in the
form of a shared libarary and is typically used by media player
frontends and other multimedia applications for playback of
multimedia streams such as movies, radio/tv network streams, DVDs,
VCDs.

Multiple heap-based buffer overflows vulnerabilities exist in the
handling of MMS over TCP (MMST) streams or RealMedia RTSP streams
in xine-lib.

These vulnerabilities may allow attackers to execute arbitrary
code via malformed multimedia files.

Solution: Please use the turbopkg (zabom) tool to apply the update.
http://www.securityspace.com/smysecure/catid.html?in=TLSA-2005-65

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1195
BugTraq ID: 13271
http://www.securityfocus.com/bid/13271
Bugtraq: 20050421 [PLSN-0003] - Remote exploits in MPlayer (Google Search)
http://www.securityfocus.com/archive/1/396703
Bugtraq: 20050421 xine security announcement: multiple heap overflows in MMS and Real RTSP streaming clients (Google Search)
http://seclists.org/lists/bugtraq/2005/Apr/0337.html
http://www.gentoo.org/security/en/glsa/glsa-200504-19.xml
http://www.osvdb.org/15711
http://www.osvdb.org/15712
http://securitytracker.com/id?1013771
http://secunia.com/advisories/15014
XForce ISS Database: mplayer-mmst-stream-bo(20175)
https://exchange.xforce.ibmcloud.com/vulnerabilities/20175
XForce ISS Database: mplayer-rtsp-stream-bo(20171)
https://exchange.xforce.ibmcloud.com/vulnerabilities/20171

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.53053
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2005-65 (xine-lib)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to xine-lib announced via advisory TLSA-2005-65. The xine engine is a free media player engine. It comes in the form of a shared libarary and is typically used by media player frontends and other multimedia applications for playback of multimedia streams such as movies, radio/tv network streams, DVDs, VCDs. Multiple heap-based buffer overflows vulnerabilities exist in the handling of MMS over TCP (MMST) streams or RealMedia RTSP streams in xine-lib. These vulnerabilities may allow attackers to execute arbitrary code via malformed multimedia files. Solution: Please use the turbopkg (zabom) tool to apply the update. http://www.securityspace.com/smysecure/catid.html?in=TLSA-2005-65 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1195 BugTraq ID: 13271 http://www.securityfocus.com/bid/13271 Bugtraq: 20050421 [PLSN-0003] - Remote exploits in MPlayer (Google Search) http://www.securityfocus.com/archive/1/396703 Bugtraq: 20050421 xine security announcement: multiple heap overflows in MMS and Real RTSP streaming clients (Google Search) http://seclists.org/lists/bugtraq/2005/Apr/0337.html http://www.gentoo.org/security/en/glsa/glsa-200504-19.xml http://www.osvdb.org/15711 http://www.osvdb.org/15712 http://securitytracker.com/id?1013771 http://secunia.com/advisories/15014 XForce ISS Database: mplayer-mmst-stream-bo(20175) https://exchange.xforce.ibmcloud.com/vulnerabilities/20175 XForce ISS Database: mplayer-rtsp-stream-bo(20171) https://exchange.xforce.ibmcloud.com/vulnerabilities/20171
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com