Lucene search
HistoryFeb 13, 2005 - 5:00 a.m.
CVE-2004-1476
cve-2004-1476
videocd
buffer overflow
xine-lib
libcdio
code execution
security vulnerability
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.0%
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.
Affected configurations
Node
xinexineMatch0.9.18
ORxinexineMatch1_rc2
ORxinexineMatch1_rc3
ORxinexineMatch1_rc4
ORxinexineMatch1_rc5
ORxinexine-libMatch0.99
ORxinexine-libMatch1_rc2
ORxinexine-libMatch1_rc3
ORxinexine-libMatch1_rc4
ORxinexine-libMatch1_rc5
Node
susesuse_linuxMatch8.0
ORsusesuse_linuxMatch8.1
ORsusesuse_linuxMatch8.2personal
ORsusesuse_linuxMatch9.0personal
ORsusesuse_linuxMatch9.0x86_64
ORsusesuse_linuxMatch9.1personal
ORsusesuse_linuxMatch9.2personal
Related
cvelist
cvelist
CVE-2004-1476
2005-02-13 05:00:00
nvd
nvd
CVE-2004-1476
2004-12-31 05:00:00
openvas
openvas
FreeBSD Ports: libxine
2008-09-04 00:00:00
FreeBSD Ports: libxine
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200409-30 (xine-lib)
2008-09-24 00:00:00
debiancve
debiancve
CVE-2004-1476
2005-02-13 05:00:00
nessus
nessus
GLSA-200409-30 : xine-lib: Multiple vulnerabilities
2004-09-23 00:00:00
Mandrake Linux Security Advisory : xine-lib (MDKSA-2004:105)
2004-10-08 00:00:00
gentoo
gentoo
xine-lib: Multiple vulnerabilities
2004-09-22 00:00:00
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.0%
Related for CVE-2004-1476