ID de Prueba:	1.3.6.1.4.1.25623.1.0.58110
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:062 (xine-lib)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to xine-lib announced via advisory MDKSA-2007:062. The DS_VideoDecoder_Open function in DirectShow/DS_VideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. Updated packages have been patched to address this issue. Affected: 2007.0, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:062 Risk factor : High CVSS Score: 6.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1387 BugTraq ID: 22933 http://www.securityfocus.com/bid/22933 Debian Security Information: DSA-1536 (Google Search) http://www.debian.org/security/2008/dsa-1536 http://security.gentoo.org/glsa/glsa-200705-21.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:061 http://www.mandriva.com/security/advisories?name=MDKSA-2007:062 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414072;msg=12;filename=DS_VideoDecoder.c---SVN--22205.patch;att=1 http://secunia.com/advisories/24443 http://secunia.com/advisories/24444 http://secunia.com/advisories/24462 http://secunia.com/advisories/25462 http://secunia.com/advisories/29601 https://usn.ubuntu.com/435-1/
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.