Package: alsaplayer Severity: grave Tags: security Hi, The following was released on: http://secunia.com/advisories/27117/
| Some vulnerabilities have been reported in AlsaPlayer, which potentially can be | exploited by malicious people to compromise a user's system. | | The vulnerabilities are caused due to boundary errors in the vorbis input | plug-in when processing .OGG files. These can be exploited to cause buffer | overflows via a specially crafted .OGG file with overly long comments. | | Successful exploitation may allow execution of arbitrary code. Kind regards Nico -- Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgp5QaH81scF4.pgp
Description: PGP signature
