Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2008-5236
HistoryNov 26, 2008 - 1:30 a.m.

Heap overflow

2008-11-2601:30:00
PRIOn knowledge base
www.prio-n.com
2

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.106 Low

EPSS

Percentile

94.9%

JSON

Multiple heap-based buffer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to execute arbitrary code via vectors related to (1) a crafted EBML element length processed by the parse_block_group function in demux_matroska.c; (2) a certain combination of sps, w, and h values processed by the real_parse_audio_specific_data and demux_real_send_chunk functions in demux_real.c; and (3) an unspecified combination of three values processed by the open_ra_file function in demux_realaudio.c. NOTE: vector 2 reportedly exists because of an incomplete fix in 1.1.15.

CPENameOperatorVersion
xineeq1 beta3
xineeq1 rc0a
xineeq1 beta6
xineeq1.1.10.1
xineeq1.0.1
xineeq1 rc1
xineeq1 rc6a
xineeq1 beta4
xineeq1 rc8
xineeq1.1.0
Rows per page:
1-10 of 391

References

Related

cvelist 1
openvas 15
cve 1
ubuntucve 2
nessus 11
fedora 2
ubuntu 1
gentoo 1
cvelist
cvelist
CVE-2008-5236
2008-11-26 01:00:00
openvas
openvas
xine-lib < 1.1.16.1 Multiple Vulnerabilities
2008-08-27 00:00:00
Fedora Core 10 FEDORA-2009-0483 (xine-lib)
2009-01-20 00:00:00
Fedora Core 10 FEDORA-2009-0483 (xine-lib)
2009-01-20 00:00:00
cve
cve
CVE-2008-5236
2008-11-26 01:30:00
ubuntucve
ubuntucve
CVE-2008-5236
2008-11-26 00:00:00
CVE-2008-5240
2008-11-26 00:00:00
nessus
nessus
Fedora 10 : xine-lib-1.1.16-1.fc10 (2009-0483)
2009-04-23 00:00:00
Fedora 9 : xine-lib-1.1.16-1.fc9.1 (2009-0542)
2009-01-16 00:00:00
Mandriva Linux Security Advisory : xine-lib (MDVSA-2009:020)
2009-04-23 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: xine-lib-1.1.16-1.fc10
2009-01-15 03:02:41
[SECURITY] Fedora 9 Update: xine-lib-1.1.16-1.fc9.1
2009-01-15 03:07:21
ubuntu
ubuntu
xine-lib vulnerabilities
2009-01-26 00:00:00
gentoo
gentoo
xine-lib: User-assisted execution of arbitrary code
2010-06-01 00:00:00

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.106 Low

EPSS

Percentile

94.9%

JSON
Related for PRION:CVE-2008-5236
cvelist1openvas15cve1ubuntucve2nessus11fedora2ubuntu1gentoo1