libxine -- multiple buffer overflows in RTSP

2004-05-25T00:00:00
ID 1B70BEF4-649F-11D9-A30E-000A95BC6FAE
Type freebsd
Reporter FreeBSD
Modified 2004-05-25T00:00:00

Description

A xine security announcement states:

Multiple vulnerabilities have been found and fixed in the Real-Time Streaming Protocol (RTSP) client for RealNetworks servers, including a series of potentially remotely exploitable buffer overflows. This is a joint advisory by the MPlayer and xine teams as the code in question is common to these projects. Severity: High (arbitrary remote code execution under the user ID running the player) when playing Real RTSP streams. At this time, there is no known exploit for these vulnerabilities.