Another vulnerability in xine-lib
The developers of xine scarcely have a moment's rest these days. Following their efforts in recent months to patch several security holes in the library, Secunia has discovered a new vulnerability that allows attackers to inject arbitrary code. According to the Secunia security advisory, the sdpplin_parse() function in the input/libreal/sdpplin.c file fails to check the length of the streamid SDP parameter in a real time streaming protocol (RTSP) stream, potentially resulting in a buffer overflow. This can enable attackers to overwrite memory arbitrarily with manipulated data streams and execute injected code or even a trojan.
There is currently no patch available to remedy the vulnerability. However, Secunia states that one should be available soon. Until Linux distributors distribute updated packets, applications that use xine-lib should not be used to open any RTSP data streams.
See also:
- xine-lib "sdpplin_parse()" Array Indexing Vulnerability, Secunia security advisory
(mba)