Mandriva Linux Security Advisory 2009-299 – Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385. This update fixes these issues.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/82687/MDVSA-2009-299.txt
Source: https://packetstormsecurity.com/files/82687/Mandriva-Linux-Security-Advisory-2009-299.html