Gentoo Security Advisory GLSA 200803-08 (win32codecs) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200803-08.

Solution

All Win32 binary codecs users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/win32codecs-20071007-r2' Note: Since no updated binary versions have been released, the Quicktime libraries have been removed from the package. Please use the free alternative Quicktime implementations within VLC, MPlayer or Xine for playback. http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200803-08 http://bugs.gentoo.org/show_bug.cgi?id=150288

Insight

Multiple vulnerabilities in the Win32 codecs for Linux may result in the remote execution of arbitrary code.

Severity

Classification

CVE CVE-2006-4382, CVE-2006-4384, CVE-2006-4385, CVE-2006-4386, CVE-2006-4388, CVE-2006-4389, CVE-2007-4674, CVE-2007-6166

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200408-23 (kdelibs)
Gentoo Security Advisory GLSA 200408-25 (MoinMoin)
Gentoo Security Advisory GLSA 200406-06 (CVS)
Gentoo Security Advisory GLSA 200310-04 (Apache)
Gentoo Security Advisory GLSA 200405-07 (Exim)

Take action and discover your vulnerabilities