Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > System crack > Content
Hot Articles
The Wireshark 1.0.1 edit
BlueZ the SDP load handl
Mozilla the Firefox 2.0.
WeFi journal file local
IntelliTamper HTML resol
IntelliTamper 2.0.7 (htm
ServerView Web connectio
phpMyAdmin long-distance
Microsoft PowerPoint Vie
DC++ many long-distance
VLC the media player WAV
Wordpress XML-RPC connec
PCRE the pcre_compile.c
BlueZ the SDP load handl
Microsoft Windows DNS se
Recommend Articles
Mozilla the Firefox 2.0.
DC++ many long-distance
VLC the media player WAV
The Wireshark 1.0.1 edit
Wordpress XML-RPC connec
ServerView Web connectio
PCRE the pcre_compile.c
phpMyAdmin long-distance
Panda the ActiveScan lon
BlueZ the SDP load handl
1024 CMS many documents
WeFi journal file local
vBulletin adminlog.php r
Microsoft Windows DNS se
Adobe RoboHelp Server he
New Articles
the xine-lib 1.1.15 edit
ezContents CMS many loca
Novell iPrint client sid
vBulletin $newpm[title]
Anzio Web Print Object A
IBM WebSphere the Portal
MailScan Web management
After GnuTLS gnutls_hand
Postfix local informatio
HAVP the sockethandler.c
xine-lib more than 1.1.1
IntelliTamper 2.0.7 (htm
IntelliTamper 2.07 (serv
Microsoft IE XHTML exagg
Microsoft IE MHTML agree
the xine-lib 1.1.15 editions repair many security cracks
  Add date: 10/08/2008   Publishing date: 10/08/2008   Hits: 1

Issues the date: 2008-08-22
Renewal date: 2008-08-26

Is affected the system:
xine xine-lib <= 1.1.14
Not affected system:
xine xine-lib 1.1.15
Description:
--------------------------------------------------------------------------------
BUGTRAQ ID: 30797

xine is a section of free media player, supports many kinds of forms.

xine-lib storehouse when analysis abnormal media file has many buffer overflow crack, the permission long-distance aggressor carries out the random code.

1) src/demuxers/demux_realaudio.c in the document open_ra_file() function has the integer overflow crack, if the user were deceived opens the specially made RealAudio document to trigger this overflow on the possibility.

2) src/demuxers/demux_matroska.c in the document parse_block_group() function exists piles the overflow crack, if the user were deceived opens the specially made Matroska document to trigger this overflow on the possibility.

<* origin: Will Drewry (wad@google.com)
 
  Link: http://secunia.com/advisories/31567/
        http://marc.info/?l=bugtraq&m=121943981105339&w=2
*>

Suggested:
--------------------------------------------------------------------------------
Manufacturer patch:

xine
----
At present the manufacturer had already issued the promotion patch repairs this security problem, welcome to manufacturer main page downloading:

http://downloads.sourceforge.net/xine/xine-lib-1.1.15.tar.bz2?modtime=1218753637&big_mirror=0
 
Prev:ezContents CMS many local documents contain the loophole

Comment:

Category: Home > System crack
Home