[SA11433] Xine Playlists can Overwrite Arbitrary Files

From: Secunia Security Advisories (sec-advsecunia.com)
Date: Thu Apr 22 2004 - 04:21:42 CDT


TITLE:
Xine Playlists can Overwrite Arbitrary Files

SECUNIA ADVISORY ID:
SA11433

VERIFY ADVISORY:
http://secunia.com/advisories/11433/

CRITICAL:
Less critical

IMPACT:
Manipulation of data

WHERE:
From remote

SOFTWARE:
xine-lib 1.x
xine-ui 0.x

DESCRIPTION:
The vendor has reported a vulnerability in xine-ui and xine-lib,
allowing malicious people to overwrite arbitrary files on a user's
system.

The problem is that playlists can alter options in the configuration
file. On certain platforms, the audio device is specified as a file to
which decoded output is written. This allows malicious people to
construct playlists that overwrite arbitrary files with the privileges
of the current user.

The vulnerability is known to affect Sun systems, and systems with
DXR2 and Hollywood+ MPEG decoder cards. However, other configurations
and operating systems may also be affected.

The following versions are affected:
* xine-lib development versions up to and including 1-rc3a
* xine-ui versions 0.9.21 to 0.9.23
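The weakness described above is a playlist entry that carries a configuration override pointing the audio "device" at an ordinary file. The following Python script is an added example (not code from Secunia or the xine project) of a pre-screening check a defender could run over playlists before handing them to the player: it parses each entry, extracts any configuration overrides, and flags overrides that touch device settings or name an absolute path. The MRL option syntax `<mrl>#cfg:<key>:<value>`, the one-entry-per-line playlist layout, and the configuration key names in the sample are assumptions made for illustration, not taken from the advisory.

```python
"""Screen a playlist for configuration overrides before it reaches a media player.

Assumptions (not from the advisory): playlist entries are one MRL per line,
lines starting with '#' are comments, and an MRL may carry trailing options
separated by '#', of which a configuration override is written as
"cfg:<key>:<value>". Configuration key names below are constructed placeholders.
"""

OPTION_SEP = "#"
CONFIG_OPTION = "cfg"

# Constructed sample playlist: one clean entry, one entry that redirects a
# device-file setting to a regular file, one entry that changes a harmless option.
SAMPLE_PLAYLIST = """\
# constructed example playlist
file:///home/user/music/track1.ogg
file:///home/user/music/track2.ogg#cfg:audio.device_file:/home/user/notes.txt
http://example.invalid/stream.mp3#cfg:gui.playlist_auto_play:1
"""


def split_mrl(mrl):
    """Split 'base#opt1#opt2' into (base, [opt1, opt2])."""
    parts = mrl.split(OPTION_SEP)
    return parts[0], parts[1:]


def find_config_overrides(options):
    """Return (key, value) pairs for every assumed 'cfg:<key>:<value>' option."""
    overrides = []
    for opt in options:
        name, _, rest = opt.partition(":")
        if name == CONFIG_OPTION:
            key, _, value = rest.partition(":")
            overrides.append((key, value))
    return overrides


def classify(key, value):
    """Rate an override: device settings or absolute paths are the file-overwrite risk."""
    if "device" in key.lower() or value.startswith("/"):
        return "high"
    return "medium"


def screen_playlist(text):
    """Return a finding dict for every configuration override in the playlist."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        base, options = split_mrl(line)
        for key, value in find_config_overrides(options):
            findings.append({
                "line": lineno,
                "mrl": base,
                "key": key,
                "value": value,
                "severity": classify(key, value),
            })
    return findings


def is_safe(text):
    """A playlist is accepted only if it carries no configuration override at all."""
    return not screen_playlist(text)


if __name__ == "__main__":
    for finding in screen_playlist(SAMPLE_PLAYLIST):
        print("line {line}: {severity} - {key} -> {value!r}".format(**finding))
    print("accept:", is_safe(SAMPLE_PLAYLIST))
```

The policy encoded in `is_safe` is deliberately strict: any configuration override embedded in a playlist is rejected, and the severity rating only serves triage. A playlist has no legitimate need to rewrite the user's persistent configuration, so "reject on presence" is the check that matches the advisory's advice not to trust playlists from untrusted sources.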

SOLUTION:
Do not open playlists from untrusted sources.

Do not run the program as a privileged user.

xine-lib versions 0.9 and prior are not affected. The vulnerability
has been fixed in version 1-rc3b.

xine-ui versions prior to 0.9.21 are not affected. The vulnerability
has been fixed in CVS HEAD and in the upcoming 0.99.1.

PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.

ORIGINAL ADVISORY:
http://www.xinehq.de/index.php/security/XSA-2004-1
http://www.xinehq.de/index.php/security/XSA-2004-2

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------