Vulnerability Solutions |
||
| The WatchMouse Periodic Vulnerability Scan checks for the vulnerability below. To see the most recently added vulnerability solutions that are scanned by WatchMouse, go to the Vulnerability Solutions overview | ||
| Category: Gentoo Local Security Checks | Risk factor: Medium | Added: 4 Dec 2008 |
| The remote host is affected by the vulnerability described in GLSA-200812-05 (libsamplerate: User-assisted execution of arbitrary code) Russell O'Connor reported a buffer overflow in src/src_sinc.c related to low conversion ratios. Impact A remote attacker could entice a user or automated system to process a specially crafted audio file possibly leading to the execution of arbitrary code with the privileges of the user running the application. Workaround There is no known workaround at this time. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5008 Solution: All libsamplerate users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libsamplerate-0.1.4" Risk factor: Medium |
||
