Mandriva update for xine-lib - Secunia Advisories - Vulnerability Intelligence

Mandriva update for xine-lib
Secunia Advisory:	SA20828	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2006-06-26
Popularity:	4,501 views

Critical:	Moderately critical
Impact:	System access DoS
Where:	From remote
Solution Status:	Vendor Patch

OS:	Mandriva Linux 2006

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2006-2802

Description: Mandriva has issued an update for xine-lib. This fixes a weakness, which can be exploited by malicious people to crash certain applications on a user's system For more information: SA20369 A boundary error in the AVI demuxer, which may be exploited to cause a buffer overflow, has also been reported. Solution: Apply updated packages. -- Mandrivalinux 2006 -- 904b1e86d75ee4bfa8281502b8d8dd60 2006.0/RPMS/libxine1-1.1.0-9.3.20060mdk.i586.rpm ddae938ae14b61dc19311e3b1c43c732 2006.0/RPMS/libxine1-devel-1.1.0-9.3.20060mdk.i586.rpm 52d14f097de9909ae7fa7cb4cc079a69 2006.0/RPMS/xine-aa-1.1.0-9.3.20060mdk.i586.rpm 723156ddabd5ee3f88693e578d96e56d 2006.0/RPMS/xine-arts-1.1.0-9.3.20060mdk.i586.rpm 5f28c1bc6bf0688c6ecb260e00531846 2006.0/RPMS/xine-dxr3-1.1.0-9.3.20060mdk.i586.rpm 84dd3acde96126f2b6f0146a0a24dade 2006.0/RPMS/xine-esd-1.1.0-9.3.20060mdk.i586.rpm 3d216fdcc4bd0c0e768b6d779a0e1d49 2006.0/RPMS/xine-flac-1.1.0-9.3.20060mdk.i586.rpm 3a62513a70e360c38f3c82ea2d3e7310 2006.0/RPMS/xine-gnomevfs-1.1.0-9.3.20060mdk.i586.rpm 7e044bd1b04ee2531f5f5cd4fe7daad3 2006.0/RPMS/xine-image-1.1.0-9.3.20060mdk.i586.rpm d75c1fcc21a53f88c5abe88497968421 2006.0/RPMS/xine-plugins-1.1.0-9.3.20060mdk.i586.rpm dabedf3272f152fb60bb5a413050c7e0 2006.0/RPMS/xine-polyp-1.1.0-9.3.20060mdk.i586.rpm e1885c8818bafdd885f96eaf8c12ef7f 2006.0/RPMS/xine-smb-1.1.0-9.3.20060mdk.i586.rpm ff8503a1b8087bc9181f07678438553d 2006.0/SRPMS/xine-lib-1.1.0-9.3.20060mdk.src.rpm -- Mandrivalinux 2006/X86_64 -- bfe9c3b5b5df347001df5cfd0bb2f644 x86_64/2006.0/RPMS/lib64xine1-1.1.0-9.3.20060mdk.x86_64.rpm 94d8aa7a860ba4aa93f655c09ad1c366 x86_64/2006.0/RPMS/lib64xine1-devel-1.1.0-9.3.20060mdk.x86_64.rpm 0a4c15b7e94af988af673273e8258328 x86_64/2006.0/RPMS/xine-aa-1.1.0-9.3.20060mdk.x86_64.rpm 299d73e1d222b28c1c2901896e2507ed x86_64/2006.0/RPMS/xine-arts-1.1.0-9.3.20060mdk.x86_64.rpm 26add5380db72a42ef9bd67508f48dad x86_64/2006.0/RPMS/xine-dxr3-1.1.0-9.3.20060mdk.x86_64.rpm 51cb6ba50f28b1868691460376639a6c x86_64/2006.0/RPMS/xine-esd-1.1.0-9.3.20060mdk.x86_64.rpm e970668f572b7e7a62530b778b3fb493 x86_64/2006.0/RPMS/xine-flac-1.1.0-9.3.20060mdk.x86_64.rpm f5293bf40bd328e14c1291c68237b1d8 x86_64/2006.0/RPMS/xine-gnomevfs-1.1.0-9.3.20060mdk.x86_64.rpm 537a00c6c9509a99d9112440dd49e7d1 x86_64/2006.0/RPMS/xine-image-1.1.0-9.3.20060mdk.x86_64.rpm 8b752a25e5220b0a846a44f16789b7c9 x86_64/2006.0/RPMS/xine-plugins-1.1.0-9.3.20060mdk.x86_64.rpm b66deaeca87b2e72508e1ca72024f59e x86_64/2006.0/RPMS/xine-polyp-1.1.0-9.3.20060mdk.x86_64.rpm e89abe16a92fc7fa2cafc9e0ab031ac5 x86_64/2006.0/RPMS/xine-smb-1.1.0-9.3.20060mdk.x86_64.rpm ff8503a1b8087bc9181f07678438553d x86_64/2006.0/SRPMS/xine-lib-1.1.0-9.3.20060mdk.src.rpm Original Advisory: http://www.mandriva.com/security/advisories?name=MDKSA-2006:108 Other References: SA20369: http://secunia.com/advisories/20369/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

6th Oct, 2008

New advisories:	19
New vulnerabilities:	52
Updated advisories:	26

Moderately // 295 views

Serv-U File Renaming Directory Traversal and STOU Denial of Service

Moderately // 304 views

JMweb MP3 Script "src" File Inclusion Vulnerabilities

Less // 274 views

AmpJuke "special" SQL Injection Vulnerability

Less // 293 views

Website Directory "keyword" Cross-Site Scripting Vulnerability

Less // 286 views

Nucleus EUC-JP Cross-Site Scripting Vulnerability

Not // 574 views

Microsoft Windows Vista Page Fault Handling Denial of Service

Less // 274 views

Kontiki Delivery Management System "action" Cross-Site Scripting

Moderately // 298 views

PHP-Fusion Recepies Module "kat_id" SQL Injection

Highly // 698 views

VMware ESX Server Sun Java JDK / JRE Multiple Vulnerabilities

Highly // 603 views

VMware VirtualCenter Multiple Vulnerabilities

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.