Test Kennung:	1.3.6.1.4.1.25623.1.0.60894
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: libxine
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to the system as announced in the referenced advisory. The following package is affected: libxine CVE-2008-1686 Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer. Solution: Update your system with the appropriate patches or software upgrades. http://www.xinehq.de/index.php/news http://www.vuxml.org/freebsd/7a7c5853-10a3-11dd-8eb8-00163e000016.html CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1686 BugTraq ID: 28665 http://www.securityfocus.com/bid/28665 Bugtraq: 20080417 [oCERT-2008-004] multiple speex implementations insufficientboundary checks (Google Search) http://www.securityfocus.com/archive/1/491009/100/0/threaded Debian Security Information: DSA-1584 (Google Search) http://www.debian.org/security/2008/dsa-1584 Debian Security Information: DSA-1585 (Google Search) http://www.debian.org/security/2008/dsa-1585 Debian Security Information: DSA-1586 (Google Search) http://www.debian.org/security/2008/dsa-1586 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00244.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00287.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00357.html http://security.gentoo.org/glsa/glsa-200804-17.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:092 http://www.mandriva.com/security/advisories?name=MDVSA-2008:093 http://www.mandriva.com/security/advisories?name=MDVSA-2008:094 http://www.mandriva.com/security/advisories?name=MDVSA-2008:124 http://www.ocert.org/advisories/ocert-2008-004.html http://www.ocert.org/advisories/ocert-2008-2.html http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10026 http://www.redhat.com/support/errata/RHSA-2008-0235.html http://www.securitytracker.com/id?1019875 http://secunia.com/advisories/29672 http://secunia.com/advisories/29727 http://secunia.com/advisories/29835 http://secunia.com/advisories/29845 http://secunia.com/advisories/29854 http://secunia.com/advisories/29866 http://secunia.com/advisories/29878 http://secunia.com/advisories/29880 http://secunia.com/advisories/29881 http://secunia.com/advisories/29882 http://secunia.com/advisories/29898 http://secunia.com/advisories/30104 http://secunia.com/advisories/30117 http://secunia.com/advisories/30119 http://secunia.com/advisories/30337 http://secunia.com/advisories/30353 http://secunia.com/advisories/30358 http://secunia.com/advisories/30581 http://secunia.com/advisories/30717 http://secunia.com/advisories/31393 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.460836 SuSE Security Announcement: SUSE-SR:2008:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html SuSE Security Announcement: SUSE-SR:2008:013 (Google Search) http://www.novell.com/linux/security/advisories/2008_13_sr.html http://www.ubuntu.com/usn/usn-611-1 http://www.ubuntu.com/usn/usn-611-2 http://www.ubuntu.com/usn/usn-611-3 http://www.ubuntu.com/usn/usn-635-1 http://www.vupen.com/english/advisories/2008/1187/references http://www.vupen.com/english/advisories/2008/1228/references http://www.vupen.com/english/advisories/2008/1268/references http://www.vupen.com/english/advisories/2008/1269/references http://www.vupen.com/english/advisories/2008/1300/references http://www.vupen.com/english/advisories/2008/1301/references http://www.vupen.com/english/advisories/2008/1302/references XForce ISS Database: fishsound-libfishsound-speex-bo(41684) https://exchange.xforce.ibmcloud.com/vulnerabilities/41684
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.