Kaffeine, gxine: Remotely exploitable buffer overflow — GLSA 200411-14

Kaffeine and gxine both contain a buffer overflow that can be exploited when accessing content from a malicious HTTP server with specially crafted headers.

Affected packages

media-video/kaffeine on all architectures
  Affected versions: < 0.5_rc1-r1
  Unaffected versions: >= 0.5_rc1-r1, revision >= 0.4.3b-r1
media-video/gxine on all architectures
  Affected versions: < 0.3.3-r1
  Unaffected versions: >= 0.3.3-r1

Background

Kaffeine and gxine are graphical front-ends for the xine-lib multimedia library.

Description

KF of Secure Network Operations has discovered an overflow that occurs during the Content-Type header processing of Kaffeine. The vulnerable code in Kaffeine is reused from gxine, making gxine vulnerable as well.
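
The advisory does not reproduce the vulnerable code. As an added illustration (not Kaffeine or gxine source), the C function below extracts a Content-Type value into a fixed-size buffer with an explicit length check and rejects oversized values. The function name, buffer sizes and sample headers are hypothetical, and the fixed-size destination buffer is an assumption about this class of bug.

```c
/* Added illustration: NOT Kaffeine or gxine source. All names are hypothetical. */
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CT_PREFIX "Content-Type:"

/* Unsafe pattern for this bug class (assumed, shown only as a comment):
 *     char type[64];
 *     sscanf(line, "Content-Type: %s", type);    no bound on the copied value
 */

/* Copy the value of a Content-Type header line into out (out_size bytes).
 * Returns 0 on success, -1 if the line is not a Content-Type header,
 * -2 if the value does not fit (rejected, never silently truncated). */
int parse_content_type(const char *line, char *out, size_t out_size)
{
    size_t i, n, plen = sizeof(CT_PREFIX) - 1;
    const char *v;

    if (line == NULL || out == NULL || out_size == 0)
        return -1;
    out[0] = '\0';
    for (i = 0; i < plen; i++)           /* case-insensitive name match */
        if (tolower((unsigned char)line[i]) != tolower((unsigned char)CT_PREFIX[i]))
            return -1;                   /* also stops at a short line's NUL */

    v = line + plen;
    while (*v == ' ' || *v == '\t')      /* skip optional leading whitespace */
        v++;
    n = strcspn(v, "\r\n");              /* value ends at CR, LF or NUL */
    while (n > 0 && (v[n - 1] == ' ' || v[n - 1] == '\t'))
        n--;                             /* trim trailing whitespace */
    if (n >= out_size)                   /* must leave room for the NUL */
        return -2;
    memcpy(out, v, n);
    out[n] = '\0';
    return 0;
}

int main(void)
{
    char type[16];
    const char *ok = "Content-Type: video/mpeg\r\n";            /* constructed */
    const char *big = "Content-Type: AAAAAAAAAAAAAAAAAAAAAAAA"; /* constructed */
    printf("%d %d\n", parse_content_type(ok, type, sizeof type),
           parse_content_type(big, type, sizeof type));
    return 0;
}
```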

Impact

An attacker operating a malicious HTTP server could send a specially crafted Content-Type header and crash a user's instance of Kaffeine or gxine, potentially allowing the execution of arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All Kaffeine users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-video/kaffeine-0.4.3b-r1"

All gxine users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-video/gxine-0.3.3-r1"

Release date
November 07, 2004

Latest revision
May 22, 2006: 02

Severity
normal

Exploitable
remote