French Security Incident Response Team

FrSIRT   

      

   français French  anglais English

 
Vulnerability Notification Service
 FrSIRT Partner Program
 14-Day Free Trial
Contact FrSIRT Sales Dept.
 

Security Advisories
Linux Security Advisories
Virus and Threats Advisories
Latest Security News
Latest Zero Day Threats
Advisories and vulnerabilities by Vendor
Advisories and vulnerabilities by Keyword
 

Report a security incident
Report a new vulnerability
Security Mailinglist
 

Our Company
FrSIRT in the News
Advertise on FrSIRT.COM
Security Researchers and Exploit Writers Jobs
Contact Us

Fedora Security Update Fixes Xine-lib Buffer Overflow Vulnerabilities

Title : Fedora Security Update Fixes Xine-lib Buffer Overflow Vulnerabilities
Advisory ID : FrSIRT/ADV-2008-0165
CVE ID : CVE-2008-0225
Rated as : High Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2008-01-16

Advisory Details
 
  Description
  Affected Products
  Solution
  References
Technical Description    Receive FrSIRT alerts in a Text format  Receive FrSIRT alerts in a PDF format  Receive FrSIRT alerts in an XML format  Receive FrSIRT notifications by SMS 

Multiple vulnerabilities have been identified in Fedora, which could be exploited by attackers to cause a denial of service or execute arbitrary code [...]

Solution

Upgrade the affected packages :

b2abe960ef6a29f54a90a732abb409524c2a6133 xine-lib-debuginfo-1.1.9.1-1.fc8.ppc64.rpm
bb88e6e6f35e9a5176d2a01d1eaff806c5e5f8c2 xine-lib-extras-1.1.9.1-1.fc8.ppc64.rpm
16e241385bf28e8e241ce68cdfa6071521c702d1 xine-lib-arts-1.1.9.1-1.fc8.ppc64.rpm
72a202179b50a3e78562966fead56ec8b90728c6 xine-lib-devel-1.1.9.1-1.fc8.ppc64.rpm
7bb90948f5070dc8d9610483b5033d692475fd2b xine-lib-1.1.9.1-1.fc8.ppc64.rpm
ce6c97f78ba49906cb02ccbdb7d5956bb102b5bb xine-lib-debuginfo-1.1.9.1-1.fc8.i386.rpm
c22f6122ca16a24bb0048acb90737102c68cc21e xine-lib-extras-1.1.9.1-1.fc8.i386.rpm
be962cda0955f992793de4626ea5097d700d4198 xine-lib-arts-1.1.9.1-1.fc8.i386.rpm
ff8ab3ebd2b713216deed1acae49c3b8b940ebad xine-lib-devel-1.1.9.1-1.fc8.i386.rpm
cbd11130176bc6ae53c9279b260869ddd0390c3f xine-lib-1.1.9.1-1.fc8.i386.rpm
2facdc9b37748b5fabf15088e90ccdcc3f98474e xine-lib-debuginfo-1.1.9.1-1.fc8.x86_64.rpm
4531454886a6eb2fb33133fbc3e27778cb742f0d xine-lib-extras-1.1.9.1-1.fc8.x86_64.rpm
6f942388b92b16d910de0d0267eb745604b7faa8 xine-lib-arts-1.1.9.1-1.fc8.x86_64.rpm
ddaef3c21012b59553163f6ecc9d0a6a60271e5a xine-lib-devel-1.1.9.1-1.fc8.x86_64.rpm
97d66d5263f68509665d4c7d5c1f981e2849d482 xine-lib-1.1.9.1-1.fc8.x86_64.rpm
bb0f2ae7857d4c4790bb122d61ea0196cdd80ecd xine-lib-debuginfo-1.1.9.1-1.fc8.ppc.rpm
a500d455a5bb4196e8f26a5c428d8d1d1b30ada0 xine-lib-extras-1.1.9.1-1.fc8.ppc.rpm
77cf908868e0a64859dbbb8089cc5a8fa1028aa5 xine-lib-arts-1.1.9.1-1.fc8.ppc.rpm
a7f96e9dc172d180c1b44fa14769bc62bdd6e7f3 xine-lib-devel-1.1.9.1-1.fc8.ppc.rpm
0f3fc9b3aa1fef5b6a8688d90e45a17011a6b3fd xine-lib-1.1.9.1-1.fc8.ppc.rpm
b11c21906a5c41485838867d52fe97203d60be35 xine-lib-1.1.9.1-1.fc8.src.rpm

ChangeLog

2008-01-16 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
 
 

Search
      

Mailinglist
    
 

IBM Lotus Quickr Denial of Service and Security Bypass Vulnerabilities

IBM Tivoli Netcool/Webtop Multiple Security Bypass Vulnerabilities

IBM WebSphere Application Server Security Exposure Vulnerabilities

IBM DB2 Universal Database Multiple Denial of Service

IBM AIX "swcons" Insecure Permission Privilege Escalation Vulnerability

IBM WebSphere Application Server Cross Site Scripting Vulnerability

IBM DB2 CLR Stored Procedures Unspecified Vulnerability

Sun Solaris ACL UFS File Systems Denial of Service Vulnerability

Sun Solaris Text Editors Tag Files Local Code Execution Vulnerability

Sun Management Center Remote Denial of Service Vulnerability

Sun Solaris Bzip2 Archive Handling Denial of Service Vulnerability

Sun Solaris GNU Tar Headers Handling Buffer Overflow Vulnerability

Sun Solaris Covert Channel Local Security Bypass Vulnerability

Sun Solaris NFS RPC Zone Denial of Service Vulnerability

Mozilla Products Code Execution and Security Bypass Vulnerabilities

Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability

Mozilla Products Remote Code Execution and Security Bypass Issues

Mozilla Products Code Execution and Injection Vulnerabilities

Mozilla JavaScript Garbage Collector Code Execution Vulnerability

Mozilla Thunderbird Code Execution and Cross Site Scripting Issues

Mozilla Firefox and SeaMonkey Multiple Remote Code Execution Issues

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy