Lucene search
MitreCVE-2008-5248HistoryNov 26, 2008 - 1:30 a.m.
CVE-2008-5248
2008-11-2601:30:00
CWE-20
mitre
web.nvd.nist.gov
35
xine-lib
denial of service
cve-2008-5248
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
7.2
Confidence
High
EPSS
0.007
Percentile
80.3%
xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via “MP3 files with metadata consisting only of separators.”
Affected configurations
Node
xinexine-libRange≤1.1.15
ORxinexine-libMatch0.9.13
ORxinexine-libMatch1rc0a
ORxinexine-libMatch1rc1
ORxinexine-libMatch1rc2
ORxinexine-libMatch1rc3
ORxinexine-libMatch1rc3a
ORxinexine-libMatch1rc3b
ORxinexine-libMatch1rc3c
ORxinexine-libMatch1rc4
ORxinexine-libMatch1rc4a
ORxinexine-libMatch1rc5
ORxinexine-libMatch1rc6a
ORxinexine-libMatch1rc7
ORxinexine-libMatch1rc8
ORxinexine-libMatch1.0
ORxinexine-libMatch1.0.1
ORxinexine-libMatch1.0.2
ORxinexine-libMatch1.0.3a
ORxinexine-libMatch1.1.0
ORxinexine-libMatch1.1.1
ORxinexine-libMatch1.1.2
ORxinexine-libMatch1.1.3
ORxinexine-libMatch1.1.4
ORxinexine-libMatch1.1.5
ORxinexine-libMatch1.1.6
ORxinexine-libMatch1.1.7
ORxinexine-libMatch1.1.8
ORxinexine-libMatch1.1.9
ORxinexine-libMatch1.1.9.1
ORxinexine-libMatch1.1.10
ORxinexine-libMatch1.1.10.1
ORxinexine-libMatch1.1.11
ORxinexine-libMatch1.1.11.1
ORxinexine-libMatch1.1.12
ORxinexine-libMatch1.1.13
ORxinexine-libMatch1.1.14
ORxinexine-libMatch1_beta1
ORxinexine-libMatch1_beta2
ORxinexine-libMatch1_beta3
ORxinexine-libMatch1_beta4
ORxinexine-libMatch1_beta5
ORxinexine-libMatch1_beta6
ORxinexine-libMatch1_beta7
ORxinexine-libMatch1_beta8
ORxinexine-libMatch1_beta9
ORxinexine-libMatch1_beta10
ORxinexine-libMatch1_beta11
ORxinexine-libMatch1_beta12
| Vendor | Product | Version | CPE |
|---|---|---|---|
| xine | xine-lib | * | cpe:2.3:a:xine:xine-lib:*:*:*:*:*:*:*:* |
| xine | xine-lib | 0.9.13 | cpe:2.3:a:xine:xine-lib:0.9.13:*:*:*:*:*:*:* |
| xine | xine-lib | 1 | cpe:2.3:a:xine:xine-lib:1:rc0a:*:*:*:*:*:* |
| xine | xine-lib | 1 | cpe:2.3:a:xine:xine-lib:1:rc1:*:*:*:*:*:* |
| xine | xine-lib | 1 | cpe:2.3:a:xine:xine-lib:1:rc2:*:*:*:*:*:* |
| xine | xine-lib | 1 | cpe:2.3:a:xine:xine-lib:1:rc3:*:*:*:*:*:* |
| xine | xine-lib | 1 | cpe:2.3:a:xine:xine-lib:1:rc3a:*:*:*:*:*:* |
| xine | xine-lib | 1 | cpe:2.3:a:xine:xine-lib:1:rc3b:*:*:*:*:*:* |
| xine | xine-lib | 1 | cpe:2.3:a:xine:xine-lib:1:rc3c:*:*:*:*:*:* |
| xine | xine-lib | 1 | cpe:2.3:a:xine:xine-lib:1:rc4:*:*:*:*:*:* |
Related
debiancve
debiancve
CVE-2008-5248
2008-11-26 01:30:00
ubuntucve
ubuntucve
CVE-2008-5248
2008-11-26 00:00:00
prion
prion
Code injection
2008-11-26 01:30:00
cvelist
cvelist
CVE-2008-5248
2008-11-26 01:00:00
nvd
nvd
CVE-2008-5248
2008-11-26 01:30:00
openvas
openvas
Mandriva Security Advisory MDVSA-2009:298 (xine-lib)
2009-11-17 00:00:00
Mandriva Security Advisory MDVSA-2009:298 (xine-lib)
2009-11-17 00:00:00
Ubuntu: Security Advisory (USN-710-1)
2009-02-02 00:00:00
nessus
nessus
openSUSE Security Update : xine-devel (xine-devel-483)
2009-07-21 00:00:00
SuSE 10 Security Update : xine (ZYPP Patch Number 5965)
2011-01-27 00:00:00
ubuntu
ubuntu
xine-lib vulnerabilities
2009-01-26 00:00:00
gentoo
gentoo
xine-lib: User-assisted execution of arbitrary code
2010-06-01 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
7.2
Confidence
High
EPSS
0.007
Percentile
80.3%
Related for CVE-2008-5248