ID de Prueba:	1.3.6.1.4.1.25623.1.0.52843
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2005-27 (xine-lib)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to xine-lib announced via advisory TLSA-2005-27. The xine engine is a free media player engine. It comes in the form of a shared libarary and is typically used by media player frontends and other multimedia applications for playback of multimedia streams such as movies, radio/tv network streams, DVDs, VCDs. Buffer overflow vulnerabilities have been discovered in the open_aiff_file and pnm_get_chunk functions of xine-lib. These vulnerabilities may allow attackers to execute arbitrary code via malformed multimedia files. Solution: Please use the turbopkg (zabom) tool to apply the update. https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-27 Risk factor : Critical CVSS Score: 10.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1187 http://www.idefense.com/application/poi/display?id=176&type=vulnerabilities http://www.mandriva.com/security/advisories?name=MDKSA-2005:011 XForce ISS Database: xine-pnatag-bo(18640) https://exchange.xforce.ibmcloud.com/vulnerabilities/18640 Common Vulnerability Exposure (CVE) ID: CVE-2004-1188 http://www.idefense.com/application/poi/display?id=177&type=vulnerabilities XForce ISS Database: xine-pnmgetchunk-bo(18638) https://exchange.xforce.ibmcloud.com/vulnerabilities/18638 Common Vulnerability Exposure (CVE) ID: CVE-2004-1300 http://tigger.uic.edu/~jlongs2/holes/xine-lib.txt XForce ISS Database: xine-openaifffile-bo(18611) https://exchange.xforce.ibmcloud.com/vulnerabilities/18611
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.