Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2007:143 (mplayer)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58439

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2007:143 (mplayer)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to mplayer
announced via advisory MDKSA-2007:143.

Multiple stack-based buffer overflows in stream/stream_cddb.c in
MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary
code via a CDDB entry with a long (1) album title or (2) category.

Updated packages have been patched to prevent this issue.

Affected: 2007.0, 2007.1, Corporate 3.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:143

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-2948
BugTraq ID: 24339
http://www.securityfocus.com/bid/24339
Debian Security Information: DSA-1313 (Google Search)
http://www.debian.org/security/2007/dsa-1313
http://security.gentoo.org/glsa/glsa-200707-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:143
http://secunia.com/secunia_research/2007-55/
http://lists.mplayerhq.hu/pipermail/mplayer-announce/2007-June/000066.html
http://osvdb.org/36991
http://secunia.com/advisories/24302
http://secunia.com/advisories/25713
http://secunia.com/advisories/25940
http://secunia.com/advisories/26083
http://secunia.com/advisories/26207
SuSE Security Announcement: SUSE-SR:2007:014 (Google Search)
http://www.novell.com/linux/security/advisories/2007_14_sr.html
http://www.vupen.com/english/advisories/2007/2080
XForce ISS Database: mplayer-cddb-bo(34749)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34749

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58439
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2007:143 (mplayer)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to mplayer announced via advisory MDKSA-2007:143. Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category. Updated packages have been patched to prevent this issue. Affected: 2007.0, 2007.1, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2007:143 Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2948 BugTraq ID: 24339 http://www.securityfocus.com/bid/24339 Debian Security Information: DSA-1313 (Google Search) http://www.debian.org/security/2007/dsa-1313 http://security.gentoo.org/glsa/glsa-200707-07.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:143 http://secunia.com/secunia_research/2007-55/ http://lists.mplayerhq.hu/pipermail/mplayer-announce/2007-June/000066.html http://osvdb.org/36991 http://secunia.com/advisories/24302 http://secunia.com/advisories/25713 http://secunia.com/advisories/25940 http://secunia.com/advisories/26083 http://secunia.com/advisories/26207 SuSE Security Announcement: SUSE-SR:2007:014 (Google Search) http://www.novell.com/linux/security/advisories/2007_14_sr.html http://www.vupen.com/english/advisories/2007/2080 XForce ISS Database: mplayer-cddb-bo(34749) https://exchange.xforce.ibmcloud.com/vulnerabilities/34749
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com