The host is installed with xine-lib, which prone to multiple vulnerabilities.

Remote exploitation could allow execution of arbitrary code to cause the server to crash or denying the access to legitimate users. Impact Level : Application

Upgrade to xine-lib version 1.1.15 http://xinehq.de/index.php/releases

The flaws are due to, - errors when processing malformed Ogg files in demux_ogg_send_chunk() and send_header() functions in src/demuxers/demux_ogg.c - error when processing malformed V4L video in open_video_capture_device() function in src/input/input_v4l.c file. - error when processing malformed ID3 data in id3v22_interp_frame(), id3v23_interp_frame(), and id3v24_interp_frame() functions in src/demuxers/id3.c file. - error when processing malformed Real file in demux_real_send_chunk() function in src/demuxers/demux_real.c file.

xine-lib versions prior to 1.1.15 on Linux (All).

• http://sourceforge.net/project/shownotes.php?release_id=619869&group_id=9655
• http://www.frsirt.com/english/advisories/2008/2382

---

Updated on 2015-03-25