| Secunia Advisory:
|
SA29850
|
|
|
Release Date:
|
2008-04-17
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Unpatched
|
|
| Software: | xine-lib 1.x |
Description:
Guido Landi has discovered a vulnerability in
xine-lib, which can be exploited by malicious people to compromise a
user"s system.
The vulnerability is caused due to a boundary error within the
"demux_nsf_send_chunk()" function in src/demuxers/demux_nsf.c. This can
be exploited to cause a stack-based buffer overflow via an overly long
NSF title.
The vulnerability is confirmed in version 1.1.12. Other versions may also be affected.
Solution:
Do not open process untrusted files with xine-lib.
Provided and/or discovered by:
Guido Landi
Original Advisory:
http://milw0rm.com/exploits/5458
|
