sdk-xine-libSecurity update for xine-libSecurity update for xine-libMultiple buffer overflows were fixed in the XINE decoder
libraries, which could be used by attackers to crash
players or potentially execute code.
CVE-2006-4799: Buffer overflow in ffmpeg for xine-lib
before 1.1.2 might allow context-dependent attackers to
execute arbitrary code via a crafted AVI file and "bad
indexes".
CVE-2006-4800: Multiple buffer overflows in libavcodec in
ffmpeg before 0.4.9_p20060530 allow remote attackers to
cause a denial of service or possibly execute arbitrary
code via multiple unspecified vectors in (1) dtsdec.c, (2)
vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6)
tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c,
(11) smacker.c, (12) snow.c, and (13) tta.c.
Multiple buffer overflows were fixed in the XINE decoder
libraries, which could be used by attackers to crash
players or potentially execute code.
CVE-2006-4799: Buffer overflow in ffmpeg for xine-lib
before 1.1.2 might allow context-dependent attackers to
execute arbitrary code via a crafted AVI file and "bad
indexes".
CVE-2006-4800: Multiple buffer overflows in libavcodec in
ffmpeg before 0.4.9_p20060530 allow remote attackers to
cause a denial of service or possibly execute arbitrary
code via multiple unspecified vectors in (1) dtsdec.c, (2)
vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6)
tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c,
(11) smacker.c, (12) snow.c, and (13) tta.c.
securityxine-libi58629a2a40dd08b234714c140a731651dd4753102db