More vulnerabilities in xine-lib
Less than a week after the release of xine-lib 1.1.11, which plugged a security vulnerability when processing real time data streams, new vulnerabilities in the multimedia library have been found. Security researcher Luigi Auriemma has discovered bugs in the routines for processing various file formats which can cause heap overflows and could allow execution of injected code.
According to the security advisory from Auriemma, the security vulnerabilities are the result of incorrect calculation of target buffer sizes during copy operations. They can be provoked by attackers using crafted files. The parsers for the many file formats contain bugs of this type, all listed in the advisory. Users should, at least for now, avoid opening files in these formats using media players based on xine-lib, such as Totem and Kaffeine.
The numerous security vulnerabilities which have been turning up in xine-lib recently may prompt some users to switch to alternative media players such as MPlayer and VLC. However, there are unpatched security vulnerabilities in the current versions of both these players. VLC 0.8.6e can execute malicious code when processing crafted subtitle files, and MPlayer can do the same when presented with crafted streaming media files, MOV or FLAC files.