Advisories MDKSA-2006:121: Updated xine-lib packages fix buffer overflow vulnerability

[paul]

Stack-based buffer overflow in MiMMS 0.0.9 allows remote attackers to cause

a denial of service (application crash) and possibly execute arbitrary code

via the (1) send_command, (2) string_utf16, (3) get_data, and (4)

get_media_packet functions, and possibly other functions. Xine-lib contains

an embedded copy of the same vulnerable code.

 

The updated packages have been patched to correct this issue.