rss-bot
March 16th, 2009, 04:50 PM
Referenced CVEs:
CVE-2009-0586
Description:
================================================== ========= Ubuntu Security Notice USN-735-1 March 16, 2009 gst-plugins-base0.10 vulnerability CVE-2009-0586 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: gstreamer0.10-plugins-base 0.10.21-3ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges.
More... (http://www.ubuntu.com/usn/USN-735-1)
CVE-2009-0586
Description:
================================================== ========= Ubuntu Security Notice USN-735-1 March 16, 2009 gst-plugins-base0.10 vulnerability CVE-2009-0586 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: gstreamer0.10-plugins-base 0.10.21-3ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that the Base64 decoding functions in GStreamer Base Plugins did not properly handle large images in Vorbis file tags. If a user were tricked into opening a specially crafted Vorbis file, an attacker could possibly execute arbitrary code with user privileges.
More... (http://www.ubuntu.com/usn/USN-735-1)