|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 2045-1 (libtheora)|
|Summary:||Debian Security Advisory DSA 2045-1 (libtheora)|
|Description:||The remote host is missing an update to libtheora|
announced via advisory DSA 2045-1.
Bob Clary, Dan Kaminsky and David Keeler discovered that in libtheora, a
video library part of the Ogg project, several flaws allow allow
context-dependent attackers via a large and specially crafted media
file, to cause a denial of service (crash of the player using this
library), and possibly arbitrary code execution.
For the stable distribution (lenny), this problem has been fixed in
For the testing distribution (squeeze), this problem has been fixed in
For the testing distribution (sid), this problem has been fixed in
We recommend that you upgrade your libtheora packages.
Common Vulnerability Exposure (CVE) ID: CVE-2009-3389|
SuSE Security Announcement: SUSE-SA:2009:063 (Google Search)
SuSE Security Announcement: SUSE-SR:2010:008 (Google Search)
SuSE Security Announcement: SUSE-SR:2010:013 (Google Search)
BugTraq ID: 37349
BugTraq ID: 37368
XForce ISS Database: mozilla-theora-bo(54805)
|Copyright||Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com|
|This is only one of 38680 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.