xine-lib
Page content
- Vulnerable: 1.1.11-1kalgan2
- Unaffected: 1.1.11-1kalgan3
A vulnerability has been reported in xine-lib, which can potentially be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the use of vulnerable libfishsound; an input validation error when processing Speex headers, which can be exploited via a specially crafted Speex stream containing a negative “modeID” field in the header.
Successful exploitation may allow execution of arbitrary code.
- Bug Tracker URL: http://bugs.frugalware.org/task/3010