Detections
Analytics

SuSE 10 Security Update : Realplayer and banshee (ZYPP Patch Number 7122)

high Nessus Plugin ID 51689

Language:

Synopsis

The remote SuSE 10 host is missing a security-related patch.

Description

The security support of Real Player 10 was discontinued a while ago by Real Networks.

As there are known critical security problems in Real Player 10 and we are unable to fix them nor update to Real Player 11, we are disabling this player.

The media player of SUSE Linux Enterprise Desktop 10, Helix Banshee, has been switched to use the Fluendo GSTreamer MP3 codec included in this update to keep MP3 playing abilities.

Solution

Apply ZYPP patch number 7122.

See Also

http://support.novell.com/security/cve/CVE-2009-4242.html

http://support.novell.com/security/cve/CVE-2009-4245.html

http://support.novell.com/security/cve/CVE-2009-4247.html

http://support.novell.com/security/cve/CVE-2009-4248.html

http://support.novell.com/security/cve/CVE-2009-4257.html

http://support.novell.com/security/cve/CVE-2010-0416.html

http://support.novell.com/security/cve/CVE-2010-0417.html

Plugin Details

Severity: High

ID: 51689

File Name: suse_RealPlayer-7122.nasl

Version: 1.8

Type: local

Agent: unix

Published: 1/27/2011

Updated: 1/14/2021

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/27/2010

Vulnerability Publication Date: 1/25/2010

Reference Information

CVE: CVE-2009-4242, CVE-2009-4245, CVE-2009-4247, CVE-2009-4248, CVE-2009-4257, CVE-2010-0416, CVE-2010-0417

CWE: 119