The host has xine-lib installed, which prone to multiple vulnerabilities.
Remote exploitation could allow execution of arbitrary code to cause head-based buffer overflow via a specially crafted RealAudio or Matroska file. Impact Level : Application/System
Update to version 18.104.22.168 or later, For updates refer to http://www.linuxfromscratch.org/blfs/view/svn/multimedia/xine-lib.html
The flaws are due to overflow errors that exist in open_ra_file() in demux_realaudio.c, parse_block_group() in demux_matroska.c, and eal_parse_audio_specific_data() in demux_real.c methods.
xine-lib versions 1.1.15 and prior on Linux (All).
Updated on 2015-03-25
- VLC Media Player Stack Overflow Vulnerability (Win-Mar09)
- VLC Media Player USF and Text Subtitles Decoders BOF Vulnerabilities (Linux)
- Blue Coat K9 Web Protection Multiple Buffer Overflow Vulnerabilities
- VLC Media Player OGG Demuxer Buffer Overflow Vulnerability (Windows)
- IpTools Tiny TCP/IP Servers Remote Buffer Overflow Vulnerability