Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

FreeBSD Ports: libxine

Information

Severity

Severity

Medium

Family

Family

FreeBSD Local Security Checks

CVSSv2 Base

CVSSv2 Base

6.4

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

15 years ago

Modified

Modified

7 years ago

Share

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Insight

Insight

The following package is affected: libxine CVE-2008-0225 Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmff_dump_header function and related to disregarding the max field. NOTE: some of these details are obtained from third party information.

Solution

Solution

Update your system with the appropriate patches or software upgrades. http://aluigi.altervista.org/adv/xinermffhof-adv.txt http://secunia.com/advisories/28384 http://www.vuxml.org/freebsd/02eedd3c-c6b5-11dc-93b6-000e35248ad7.html

Common Vulnerabilities and Exposures (CVE)