Mandriva Linux Security Advisory 2009-298 - xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via mp3 files with metadata consisting only of separators. Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385. This update fixes these issues.
5d042dccc94ef37a7d0408f534588f6948d25d09047cfc5837da14932f9f6036
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2009:298
http://www.mandriva.com/security/
_______________________________________________________________________
Package : xine-lib
Date : November 13, 2009
Affected: Corporate 3.0
_______________________________________________________________________
Problem Description:
Vulnerabilities have been discovered and corrected in xine-lib:
- xine-lib before 1.1.15 allows remote attackers to cause a denial
of service (crash) via mp3 files with metadata consisting only of
separators (CVE-2008-5248)
- Integer overflow in the qt_error parse_trak_atom function in
demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote
attackers to execute arbitrary code via a Quicktime movie file with a
large count value in an STTS atom, which triggers a heap-based buffer
overflow (CVE-2009-1274)
- Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c)
in xine-lib 1.1.16.1 allows remote attackers to cause a denial of
service (crash) and possibly execute arbitrary code via a 4X movie
file with a large current_track value, a similar issue to CVE-2009-0385
(CVE-2009-0698)
This update fixes these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0698
_______________________________________________________________________
Updated Packages:
Corporate 3.0:
47002044e449dde281941081839c6fa9 corporate/3.0/i586/libxine1-1-0.rc3.6.18.C30mdk.i586.rpm
0abdd642e1014e67f83445818c69d666 corporate/3.0/i586/libxine1-devel-1-0.rc3.6.18.C30mdk.i586.rpm
2190418670c91e44a8b48fe1c29afaa5 corporate/3.0/i586/xine-aa-1-0.rc3.6.18.C30mdk.i586.rpm
95a464b49a559cbc57eee48ae37224b9 corporate/3.0/i586/xine-arts-1-0.rc3.6.18.C30mdk.i586.rpm
e95764e9cec627b27b416e001e7e7482 corporate/3.0/i586/xine-dxr3-1-0.rc3.6.18.C30mdk.i586.rpm
8829d42bc844675045b6153fe36021f1 corporate/3.0/i586/xine-esd-1-0.rc3.6.18.C30mdk.i586.rpm
7c5d8aea1c07df147cb4ae9b9a0c5464 corporate/3.0/i586/xine-flac-1-0.rc3.6.18.C30mdk.i586.rpm
136374c1cf768fd20bd16384a43d2677 corporate/3.0/i586/xine-gnomevfs-1-0.rc3.6.18.C30mdk.i586.rpm
0566b33424cf000e5c708fa3b4114f03 corporate/3.0/i586/xine-plugins-1-0.rc3.6.18.C30mdk.i586.rpm
2a3fd8d1416bcdb149ae0176b024894d corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.18.C30mdk.src.rpm
Corporate 3.0/X86_64:
5bae0dd040512b8ca9192623241e25ff corporate/3.0/x86_64/lib64xine1-1-0.rc3.6.18.C30mdk.x86_64.rpm
5c7e07610511ae684a31ce859c8ebcf6 corporate/3.0/x86_64/lib64xine1-devel-1-0.rc3.6.18.C30mdk.x86_64.rpm
f7431390bbd6b04bd7e1c6d684c033e1 corporate/3.0/x86_64/xine-aa-1-0.rc3.6.18.C30mdk.x86_64.rpm
094905da7c51e1d15d9af52735a8b8e1 corporate/3.0/x86_64/xine-arts-1-0.rc3.6.18.C30mdk.x86_64.rpm
5490e9cc4ca21c0f00dbe1d097f00232 corporate/3.0/x86_64/xine-esd-1-0.rc3.6.18.C30mdk.x86_64.rpm
e144fea85dcfc1749dff42824c66eb40 corporate/3.0/x86_64/xine-flac-1-0.rc3.6.18.C30mdk.x86_64.rpm
276d7b3f1d16c3bb730124b483edcc40 corporate/3.0/x86_64/xine-gnomevfs-1-0.rc3.6.18.C30mdk.x86_64.rpm
a638804b41ab4fec8bb16118da7e19fe corporate/3.0/x86_64/xine-plugins-1-0.rc3.6.18.C30mdk.x86_64.rpm
2a3fd8d1416bcdb149ae0176b024894d corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.18.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFK/cnPmqjQ0CJFipgRAkD1AJ9ijkhXTb3c8+BfefIpF5DMCkhFOwCdH+w5
m2PUfeKqIDMhR50WpumwmRY=
=gQmZ
-----END PGP SIGNATURE-----
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed