FreeBSD Ports: libxine

Summary
The remote host is missing an update to the system as announced in the referenced advisory.
Solution
Update your system with the appropriate patches or software upgrades. http://trapkit.de/advisories/TKADV2009-004.txt http://trapkit.de/advisories/TKADV2009-005.txt http://sourceforge.net/project/shownotes.php?release_id=660071 http://www.vuxml.org/freebsd/48e14d86-42f1-11de-ad22-000e35248ad7.html
Insight
The following package is affected: libxine CVE-2009-0385 Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference. CVE-2009-1274 Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow.