Mandriva Linux Security Advisory 2009-298

Mandriva Linux Security Advisory 2009-298: Posted Nov 17, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-298 - xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via mp3 files with metadata consisting only of separators. Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385. This update fixes these issues.; tags | advisory, remote, denial of service, overflow, arbitrary; systems | linux, mandriva; advisories | CVE-2008-5248, CVE-2009-1274, CVE-2009-0698; SHA-256 | 5d042dccc94ef37a7d0408f534588f6948d25d09047cfc5837da14932f9f6036; Download | Favorite | View

Mandriva Linux Security Advisory 2009-298


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:298
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : xine-lib
 Date    : November 13, 2009
 Affected: Corporate 3.0
 _______________________________________________________________________

 Problem Description:

 Vulnerabilities have been discovered and corrected in xine-lib:
 
 - xine-lib before 1.1.15 allows remote attackers to cause a denial
 of service (crash) via mp3 files with metadata consisting only of
 separators (CVE-2008-5248)
 
 - Integer overflow in the qt_error parse_trak_atom function in
 demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote
 attackers to execute arbitrary code via a Quicktime movie file with a
 large count value in an STTS atom, which triggers a heap-based buffer
 overflow (CVE-2009-1274)
 
 - Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c)
 in xine-lib 1.1.16.1 allows remote attackers to cause a denial of
 service (crash) and possibly execute arbitrary code via a 4X movie
 file with a large current_track value, a similar issue to CVE-2009-0385
 (CVE-2009-0698)
 
 This update fixes these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5248
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1274
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0698
 _______________________________________________________________________

 Updated Packages:

 Corporate 3.0:
 47002044e449dde281941081839c6fa9  corporate/3.0/i586/libxine1-1-0.rc3.6.18.C30mdk.i586.rpm
 0abdd642e1014e67f83445818c69d666  corporate/3.0/i586/libxine1-devel-1-0.rc3.6.18.C30mdk.i586.rpm
 2190418670c91e44a8b48fe1c29afaa5  corporate/3.0/i586/xine-aa-1-0.rc3.6.18.C30mdk.i586.rpm
 95a464b49a559cbc57eee48ae37224b9  corporate/3.0/i586/xine-arts-1-0.rc3.6.18.C30mdk.i586.rpm
 e95764e9cec627b27b416e001e7e7482  corporate/3.0/i586/xine-dxr3-1-0.rc3.6.18.C30mdk.i586.rpm
 8829d42bc844675045b6153fe36021f1  corporate/3.0/i586/xine-esd-1-0.rc3.6.18.C30mdk.i586.rpm
 7c5d8aea1c07df147cb4ae9b9a0c5464  corporate/3.0/i586/xine-flac-1-0.rc3.6.18.C30mdk.i586.rpm
 136374c1cf768fd20bd16384a43d2677  corporate/3.0/i586/xine-gnomevfs-1-0.rc3.6.18.C30mdk.i586.rpm
 0566b33424cf000e5c708fa3b4114f03  corporate/3.0/i586/xine-plugins-1-0.rc3.6.18.C30mdk.i586.rpm 
 2a3fd8d1416bcdb149ae0176b024894d  corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.18.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 5bae0dd040512b8ca9192623241e25ff  corporate/3.0/x86_64/lib64xine1-1-0.rc3.6.18.C30mdk.x86_64.rpm
 5c7e07610511ae684a31ce859c8ebcf6  corporate/3.0/x86_64/lib64xine1-devel-1-0.rc3.6.18.C30mdk.x86_64.rpm
 f7431390bbd6b04bd7e1c6d684c033e1  corporate/3.0/x86_64/xine-aa-1-0.rc3.6.18.C30mdk.x86_64.rpm
 094905da7c51e1d15d9af52735a8b8e1  corporate/3.0/x86_64/xine-arts-1-0.rc3.6.18.C30mdk.x86_64.rpm
 5490e9cc4ca21c0f00dbe1d097f00232  corporate/3.0/x86_64/xine-esd-1-0.rc3.6.18.C30mdk.x86_64.rpm
 e144fea85dcfc1749dff42824c66eb40  corporate/3.0/x86_64/xine-flac-1-0.rc3.6.18.C30mdk.x86_64.rpm
 276d7b3f1d16c3bb730124b483edcc40  corporate/3.0/x86_64/xine-gnomevfs-1-0.rc3.6.18.C30mdk.x86_64.rpm
 a638804b41ab4fec8bb16118da7e19fe  corporate/3.0/x86_64/xine-plugins-1-0.rc3.6.18.C30mdk.x86_64.rpm 
 2a3fd8d1416bcdb149ae0176b024894d  corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.18.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFK/cnPmqjQ0CJFipgRAkD1AJ9ijkhXTb3c8+BfefIpF5DMCkhFOwCdH+w5
m2PUfeKqIDMhR50WpumwmRY=
=gQmZ
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 172 files
Ubuntu 47 files
Debian 22 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
tmrswrr 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Mandriva Linux Security Advisory 2009-298

Mandriva Linux Security Advisory 2009-298

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Mandriva Linux Security Advisory 2009-298

Share This

Mandriva Linux Security Advisory 2009-298

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems