oval:org.mitre.oval:def:7757

Definition Id: oval:org.mitre.oval:def:7757

Oval ID:	oval:org.mitre.oval:def:7757
Title:	DSA-1536 xine-lib -- several vulnerabilities
Description:	Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content. The Common Vulnerabilities and Exposures project identifies the following problems: The DMO_VideoDecoder_Open function does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code (applies to sarge only). Array index error in the sdpplin_parse function allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter. Array index vulnerability in libmpdemux/demux_audio.c might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow (applies to etch only). Buffer overflow in the Matroska demuxer allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.
Family:	unix	Class:	patch
Reference(s):	DSA-1536 CVE-2007-1246 CVE-2007-1387 CVE-2008-0073 CVE-2008-0486 CVE-2008-1161	Version:	3
Platform(s):	Debian GNU/Linux 4.0 Debian GNU/Linux 3.1	Product(s):	xine-lib
Definition Synopsis:
Release section Debian GNU/Linux 4.0 is installed. AND Packages section libxine1 is earlier than 1.1.2+dfsg-6 AND libxine1-dbg is earlier than 1.1.2+dfsg-6 AND libxine-dev is earlier than 1.1.2+dfsg-6 OR Release section Debian GNU/Linux 3.1 is installed AND Packages section libxine1 is earlier than 1.0.1-1sarge7 AND libxine-dev is earlier than 1.0.1-1sarge7

Definition Id: oval:org.mitre.oval:def:7692

Oval ID:	oval:org.mitre.oval:def:7692
Title:	Debian GNU/Linux 3.1 is installed
Description:	Debian GNU/Linux 3.1 (sarge) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:3.1	Version:	7
Platform(s):	Debian GNU/Linux 3.1	Product(s):
Definition Synopsis:
Debian GNU/Linux 3.1 is installed
Referenced By:
oval:org.mitre.oval:def:7757

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:7757

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0271s

Facebook rss twitter linkedin mail