oval:org.mitre.oval:def:13455

Definition Id: oval:org.mitre.oval:def:13455

Oval ID:	oval:org.mitre.oval:def:13455
Title:	DSA-1819-1 vlc -- several vulnerabilities
Description:	Several vulnerabilities have been discovered in vlc, a multimedia player and streamer. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-1768 Drew Yao discovered that multiple integer overflows in the MP4 demuxer, Real demuxer and Cinepak codec can lead to the execution of arbitrary code. CVE-2008-1769 Drew Yao discovered that the Cinepak codec is prone to a memory corruption, which can be triggered by a crafted Cinepak file. CVE-2008-1881 Luigi Auriemma discovered that it is possible to execute arbitrary code via a long subtitle in an SSA file. CVE-2008-2147 It was discovered that vlc is prone to a search path vulnerability, which allows local users to perform privilege escalations. CVE-2008-2430 Alin Rad Pop discovered that it is possible to execute arbitrary code when opening a WAV file containing a large fmt chunk. CVE-2008-3794 PÄ±nar YanardaÄ discovered that it is possible to execute arbitrary code when opening a crafted mmst link. CVE-2008-4686 Tobias Klein discovered that it is possible to execute arbitrary code when opening a crafted .ty file. CVE-2008-5032 Tobias Klein discovered that it is possible to execute arbitrary code when opening an invalid CUE image file with a crafted header. For the oldstable distribution, these problems have been fixed in version 0.8.6-svn20061012.debian-5.1+etch3. For the stable distribution, these problems have been fixed in version 0.8.6.h-4+lenny2, which was already included in the lenny release. For the testing distribution and the unstable distribution, these problems have been fixed in version 0.8.6.h-5. We recommend that you upgrade your vlc packages.
Family:	unix	Class:	patch
Reference(s):	DSA-1819-1 CVE-2008-1768 CVE-2008-1769 CVE-2008-1881 CVE-2008-2147 CVE-2008-2430 CVE-2008-3794 CVE-2008-4686 CVE-2008-5032	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	vlc
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND Packages section wxvlc DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-alsa DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-nox DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-arts DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND mozilla-plugin-vlc DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-ggi DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND libvlc0-dev DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND libvlc0 DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-esd DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-sdl DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 OR Architecture depended section Installed architecture is i386 AND Packages section vlc-plugin-glide DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-svgalib DPKG is earlier than 0.8.6-svn20061012.debian-5.1+etch3

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:13455

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0406s

Facebook rss twitter linkedin mail