Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70092
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2011:1264
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2011:1264.

The gstreamer-plugins packages contain plug-ins used by the GStreamer
streaming-media framework to support a wide variety of media formats.

An integer overflow flaw, a boundary error, and multiple off-by-one flaws
were found in various ModPlug music file format library (libmodplug)
modules, embedded in GStreamer. An attacker could create specially-crafted
music files that, when played by a victim, would cause applications using
GStreamer to crash or, potentially, execute arbitrary code. (CVE-2011-2911,
CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915)

All users of gstreamer-plugins are advised to upgrade to these updated
packages, which contain backported patches to correct these issues. After
installing the update, all applications using GStreamer (such as Rhythmbox)
must be restarted for the changes to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-1264.html

Risk factor : High

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-2911
BugTraq ID: 48979
http://www.securityfocus.com/bid/48979
Debian Security Information: DSA-2415 (Google Search)
http://www.debian.org/security/2012/dsa-2415
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066044.html
http://www.gentoo.org/security/en/glsa/glsa-201203-14.xml
http://www.gentoo.org/security/en/glsa/glsa-201203-16.xml
http://www.openwall.com/lists/oss-security/2011/08/10/4
http://www.openwall.com/lists/oss-security/2011/08/12/4
http://www.osvdb.org/74208
RedHat Security Advisories: RHSA-2011:1264
http://rhn.redhat.com/errata/RHSA-2011-1264.html
http://secunia.com/advisories/45131
http://secunia.com/advisories/45658
http://secunia.com/advisories/45742
http://secunia.com/advisories/45901
http://secunia.com/advisories/46032
http://secunia.com/advisories/46043
http://secunia.com/advisories/46793
http://secunia.com/advisories/48058
http://secunia.com/advisories/48434
http://secunia.com/advisories/48439
SuSE Security Announcement: openSUSE-SU-2011:0943 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html
http://ubuntu.com/usn/usn-1255-1
XForce ISS Database: libmodplug-wav-bo(68983)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68983
Common Vulnerability Exposure (CVE) ID: CVE-2011-2912
http://www.osvdb.org/74209
XForce ISS Database: libmodplug-s3m-bo(68984)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68984
Common Vulnerability Exposure (CVE) ID: CVE-2011-2913
http://www.osvdb.org/74210
XForce ISS Database: libmodplug-ams-code-execution(68985)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68985
Common Vulnerability Exposure (CVE) ID: CVE-2011-2914
http://www.osvdb.org/74211
XForce ISS Database: libmodplug-dsm-code-execution(68986)
Common Vulnerability Exposure (CVE) ID: CVE-2011-2915
XForce ISS Database: libmodplug-csoundfile-code-exec(68987)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68987
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.