Novell Home

CVE-2009-0698

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

CVE-2009-0698 at MITRE

Details

Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385.
Novell Bugzilla entry: 473825

SUSE Security Advisories:

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 10 SP2 for x86
  • xine-devel >= 1.1.1-24.46
  • xine-lib >= 1.1.1-24.46
 sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2-sdk. ppc
sles10-sp2-sdk. x86
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ia64
sled10-sp2. x86
ZYPP Patch Nr: 6050
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T
  • xine-devel >= 1.1.1-24.46
  • xine-lib >= 1.1.1-24.46
  • xine-lib-32bit >= 1.1.1-24.46
 sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2-sdk. ppc
sles10-sp2-sdk. x86
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ia64
sled10-sp2. x86
ZYPP Patch Nr: 6050
SLE SDK 10 SP2 for x86
  • xine-devel >= 1.1.1-24.46
  • xine-extra >= 1.1.1-24.46
  • xine-lib >= 1.1.1-24.46
  • xine-ui >= 0.99.4-32.42
 sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2-sdk. ppc
sles10-sp2-sdk. x86
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ia64
sled10-sp2. x86
ZYPP Patch Nr: 6050
SLE SDK 10 SP2 for IPF
  • xine-devel >= 1.1.1-24.46
  • xine-extra >= 1.1.1-24.46
  • xine-lib >= 1.1.1-24.46
  • xine-lib-x86 >= 1.1.1-24.46
  • xine-ui >= 0.99.4-32.42
 sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2-sdk. ppc
sles10-sp2-sdk. x86
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ia64
sled10-sp2. x86
ZYPP Patch Nr: 6050
SLE SDK 10 SP2 for IBM iSeries and IBM pSeries
  • xine-devel >= 1.1.1-24.46
  • xine-extra >= 1.1.1-24.46
  • xine-lib >= 1.1.1-24.46
  • xine-lib-64bit >= 1.1.1-24.46
  • xine-ui >= 0.99.4-32.42
 sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2-sdk. ppc
sles10-sp2-sdk. x86
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ia64
sled10-sp2. x86
ZYPP Patch Nr: 6050
SLE SDK 10 SP2 for IBM zSeries
SLE SDK 10 SP2 for X86-64
  • xine-devel >= 1.1.1-24.46
  • xine-extra >= 1.1.1-24.46
  • xine-lib >= 1.1.1-24.46
  • xine-lib-32bit >= 1.1.1-24.46
  • xine-ui >= 0.99.4-32.42
 sled10-sp2. x86-64
sles10-sp2-sdk. x86-64
sles10-sp2-sdk. ppc
sles10-sp2-sdk. x86
sles10-sp2-sdk. s390x
sles10-sp2-sdk. ia64
sled10-sp2. x86
ZYPP Patch Nr: 6050
openSUSE 10.3
  • xine-devel >= 1.1.8-14.14
  • xine-extra >= 1.1.8-14.14
  • xine-lib >= 1.1.8-14.14
  • xine-lib-32bit >= 1.1.8-14.14
  • xine-lib-64bit >= 1.1.8-14.14
 ZYPP Patch Nr: 6052
SAT Patch Nr: 582
openSUSE 11.0
  • xine-lib-debuginfo >= 1.1.12-8.5
  • xine-lib-debugsource >= 1.1.12-8.5
 ZYPP Patch Nr: 6052
SAT Patch Nr: 582
openSUSE 11.0
  • xine-devel >= 1.1.12-8.5
  • xine-extra >= 1.1.12-8.5
  • xine-lib >= 1.1.12-8.5
  • xine-lib-32bit >= 1.1.12-8.5
  • xine-lib-64bit >= 1.1.12-8.5
 ZYPP Patch Nr: 6052
SAT Patch Nr: 582
openSUSE 11.1
  • xine-lib-debuginfo >= 1.1.15-23.3.3
  • xine-lib-debugsource >= 1.1.15-23.3.3
 ZYPP Patch Nr: 6052
SAT Patch Nr: 582
openSUSE 11.1
  • libxine-devel >= 1.1.15-23.3.3
  • libxine1 >= 1.1.15-23.3.3
  • libxine1-32bit >= 1.1.15-23.3.3
  • libxine1-gnome-vfs >= 1.1.15-23.3.3
  • libxine1-pulse >= 1.1.15-23.3.3
 ZYPP Patch Nr: 6052
SAT Patch Nr: 582
SLES 11 DEBUGINFO
  • xine-lib-debuginfo >= 1.1.15-23.1.2
  • xine-lib-debugsource >= 1.1.15-23.1.2
 sle11-debuginfo. ia64
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
SAT Patch Nr: 643
SLE 11
  • libxine-devel >= 1.1.15-23.1.2
  • libxine1 >= 1.1.15-23.1.2
  • libxine1-gnome-vfs >= 1.1.15-23.1.2
  • libxine1-pulse >= 1.1.15-23.1.2
 sle11-debuginfo. ia64
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
SAT Patch Nr: 643
SLE 11
  • libxine-devel >= 1.1.15-23.1.2
  • libxine1 >= 1.1.15-23.1.2
  • libxine1-32bit >= 1.1.15-23.1.2
  • libxine1-gnome-vfs >= 1.1.15-23.1.2
  • libxine1-pulse >= 1.1.15-23.1.2
 sle11-debuginfo. ia64
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
SAT Patch Nr: 643
SLED 11
  • libxine1 >= 1.1.15-23.1.2
  • libxine1-gnome-vfs >= 1.1.15-23.1.2
  • libxine1-pulse >= 1.1.15-23.1.2
 sle11-debuginfo. ia64
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86-64
SAT Patch Nr: 643

Novell® Making IT Work As One

© 2009 Novell, Inc. All Rights Reserved.