Mandriva Update For Xine-lib MDVSA-2008:177 (xine-lib) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Guido Landi found A stack-based buffer overflow in xine-lib that could allow a remote attacker to cause a denial of service (crash) and potentially execute arbitrary code via a long NSF title (CVE-2008-1878). The updated packages have been patched to correct this issue.

Affected

xine-lib on Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Severity

Classification

CVE CVE-2008-1878

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:164 (jasper)
Mandrake Security Advisory MDVSA-2009:166 (c-client)
Mandrake Security Advisory MDVSA-2009:115 (phpMyAdmin)
Mandrake Security Advisory MDVSA-2009:016 (xen)
Mandrake Security Advisory MDVSA-2009:121 (lcms)

Mandriva Update for xine-lib MDVSA-2008:177 (xine-lib)

Take action and discover your vulnerabilities