[Frugalware-darcs] homepage-ng: FSA115-xine-ui
voroskoi
voroskoi at frugalware.org
Sun Feb 11 15:44:10 CET 2007
Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=homepage-ng;a=darcs_commitdiff;h=20070211144518-dd049-521baea57752847d40df2aa51bc97e2dfdff0c85.gz;
[FSA115-xine-ui
voroskoi <voroskoi at frugalware.org>**20070211144518] {
hunk ./frugalware/xml/security.xml 29
+ <fsa>
+ <id>115</id>
+ <date>2007-02-11</date>
+ <author>voroskoi</author>
+ <package>xine-ui</package>
+ <vulnerable>0.99.4-2</vulnerable>
+ <unaffected>0.99.4-3siwenna1</unaffected>
+ <bts>http://bugs.frugalware.org/task/1617</bts>
+ <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0254</cve>
+ <desc>A vulnerability has been reported in xine-ui, which potentially can be exploited by malicious people to compromise a user's system.
+ The vulnerability is caused due to a format string error within the "errors_create_window()" function in errors.c. This may be exploited to execute arbitrary code by e.g. tricking a user into opening a specially crafted playlist file.</desc>
+ </fsa>
}
More information about the Frugalware-darcs
mailing list