CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
80.3%
Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines.
Vendor | Product | Version | CPE |
---|---|---|---|
xine | xine | 0.9.18 | cpe:2.3:a:xine:xine:0.9.18:*:*:*:*:*:*:* |
xine | xine | 1_rc2 | cpe:2.3:a:xine:xine:1_rc2:*:*:*:*:*:*:* |
xine | xine | 1_rc3 | cpe:2.3:a:xine:xine:1_rc3:*:*:*:*:*:*:* |
xine | xine | 1_rc4 | cpe:2.3:a:xine:xine:1_rc4:*:*:*:*:*:*:* |
xine | xine | 1_rc5 | cpe:2.3:a:xine:xine:1_rc5:*:*:*:*:*:*:* |
xine | xine-lib | 0.99 | cpe:2.3:a:xine:xine-lib:0.99:*:*:*:*:*:*:* |
xine | xine-lib | 1_rc2 | cpe:2.3:a:xine:xine-lib:1_rc2:*:*:*:*:*:*:* |
xine | xine-lib | 1_rc3 | cpe:2.3:a:xine:xine-lib:1_rc3:*:*:*:*:*:*:* |
xine | xine-lib | 1_rc4 | cpe:2.3:a:xine:xine-lib:1_rc4:*:*:*:*:*:*:* |
xine | xine-lib | 1_rc5 | cpe:2.3:a:xine:xine-lib:1_rc5:*:*:*:*:*:*:* |
security.gentoo.org/glsa/glsa-200408-18.xml
www.gentoo.org/security/en/glsa/glsa-200409-30.xml
www.securityfocus.com/archive/1/375485/2004-09-02/2004-09-08/0
www.securityfocus.com/bid/11206
xinehq.de/index.php/security/XSA-2004-4
exchange.xforce.ibmcloud.com/vulnerabilities/17430
exchange.xforce.ibmcloud.com/vulnerabilities/17432