Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD20E23B65-A52E-11E3-AE3A-00224D7C32A2
HistoryFeb 06, 2007 - 12:00 a.m.

xmms -- Integer Overflow And Underflow Vulnerabilities

2007-02-0600:00:00
vuxml.freebsd.org
12

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.243 Low

EPSS

Percentile

96.6%

JSON

Secunia reports:

Secunia Research has discovered two vulnerabilities in XMMS, which can
be exploited by malicious people to compromise a user’s system.

  1. An integer underflow error exists in the processing of skin bitmap
    images. This can be exploited to cause a stack-based buffer overflow
    via specially crafted skin images containing manipulated header
    information.
    Successful exploitation allows execution of arbitrary code.
  2. An integer overflow error exists in the processing of skin bitmap
    images. This can be exploited to cause memory corruption via specially
    crafted skin images containing manipulated header information.
    Successful exploitation may allow the execution of arbitrary code.
OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchxmms<= 1.2.11_20UNKNOWN

Related

nessus 8
securityvulns 2
openvas 10
ubuntu 1
debian 2
fedora 2
cve 2
prion 2
ubuntucve 2
nessus
nessus
Debian DSA-1277-1 : XMMS - several vulnerabilities
2007-04-10 00:00:00
SuSE9 Security Update : XMMS (YOU Patch Number 11483)
2009-09-24 00:00:00
openSUSE 10 Security Update : xmms (xmms-3073)
2007-10-17 00:00:00
securityvulns
securityvulns
XMMS multimedia player multiple integer overflows
2007-03-22 00:00:00
Secunia Research: XMMS Integer Overflow and Underflow Vulnerabilities
2007-03-22 00:00:00
openvas
openvas
SLES9: Security update for XMMS
2009-10-10 00:00:00
Ubuntu: Security Advisory (USN-445-1)
2009-03-23 00:00:00
Debian: Security Advisory (DSA-1277-1)
2008-01-17 00:00:00
ubuntu
ubuntu
XMMS vulnerabilities
2007-03-27 00:00:00
debian
debian
[SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution
2007-04-04 22:04:39
[SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution
2007-04-04 22:04:39
fedora
fedora
[SECURITY] Fedora 14 Update: xmms-1.2.11-15.20071117cvs.fc14
2011-07-26 03:30:35
[SECURITY] Fedora 15 Update: xmms-1.2.11-15.20071117cvs.fc15
2011-07-26 03:48:00
cve
cve
CVE-2007-0653
2007-03-21 22:19:00
CVE-2007-0654
2007-03-21 22:19:00
prion
prion
Integer overflow
2007-03-21 22:19:00
Design/Logic Flaw
2007-03-21 22:19:00
ubuntucve
ubuntucve
CVE-2007-0653
2007-03-21 00:00:00
CVE-2007-0654
2007-03-21 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.243 Low

EPSS

Percentile

96.6%

JSON
Related for 20E23B65-A52E-11E3-AE3A-00224D7C32A2
nessus8securityvulns2openvas10ubuntu1debian2fedora2cve2prion2ubuntucve2