SUSE CVE-2004-1300

Buffer overflow in the openaifffile function in demuxaiff.c for xine-lib libxine 1-rc7 allows remote attackers to execute arbitrary code via a crafted AIFF file...

SUSE CVE-2005-1195

Multiple heap-based buffer overflows in the code used to handle 1 MMS over TCP MMST streams or 2 RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code...

SUSE CVE-2005-2967

Format string vulnerability in inputcdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD...

SUSE CVE-2006-2200

Stack-based buffer overflow in libmms, as used by a MiMMS 0.0.9 and b xine-lib 1.1.0 and earlier, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via the 1 sendcommand, 2 stringutf16, 3 getdata, and 4 getmediapacket functions, and possibl...

SUSE CVE-2006-2802

Buffer overflow in the HTTP Plugin xinepluginphttp.so for xine-lib 1.1.1 allows remote attackers to cause a denial of service application crash via a long reply from an HTTP server, as demonstrated using gxine 0.5.6...

SUSE CVE-2006-4799

Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and "bad indexes", a different vulnerability than CVE-2005-4048 and CVE-2006-2802...

SUSE CVE-2008-0073

Array index error in the sdpplinparse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter...

SUSE CVE-2008-0225

Heap-based buffer overflow in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmffdumpheader function and related to disregarding the max field. NOTE...

SUSE CVE-2008-1110

Buffer overflow in demuxers/demuxasf.c aka the ASF demuxer in the xineplugdmxasf.so plugin in xine-lib before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service crash via a crafted ASF header. NOTE: this issue leads to a crash when an attack uses the CVE-2006-16...

SUSE CVE-2008-1161

Buffer overflow in the Matroska demuxer demuxers/demuxmatroska.c in xine-lib before 1.1.10.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a Matroska file with invalid frame sizes...

SUSE CVE-2008-1482

Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via 1 a crafted .FLV file, which triggers an overflow in demuxers/demuxflv.c; 2 a crafted .MOV file, which triggers an overflow in...

SUSE CVE-2008-1878

Stack-based buffer overflow in the demuxnsfsendchunk function in src/demuxers/demuxnsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long NSF title...

SUSE CVE-2008-5233

xine-lib 1.1.12, and other versions before 1.1.15, does not check for failure of malloc in circumstances including 1 the mymngprocessheader function in demuxmng.c, 2 the openmodfile function in demuxmod.c, and 3 framebuffer allocation in the realparseaudiospecificdata function in demuxreal.c, whi...

SUSE CVE-2008-5234

Multiple heap-based buffer overflows in xine-lib 1.1.12, and other versions before 1.1.15, allow remote attackers to execute arbitrary code via vectors related to 1 a crafted metadata atom size processed by the parsemoovatom function in demuxqt.c and 2 frame reading in the id3v23interpframe...

SUSE CVE-2008-5236

Multiple heap-based buffer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to execute arbitrary code via vectors related to 1 a crafted EBML element length processed by the parseblockgroup function in demuxmatroska.c; 2 a certain combination of sps, w,...

SUSE CVE-2008-5237

Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via 1 crafted width and height values that are not validated by the mymngprocessheader function in demuxmng.c before u...

SUSE CVE-2008-5235

Heap-based buffer overflow in the demuxrealsendchunk function in src/demuxers/demuxreal.c in xine-lib before 1.1.15 allows remote attackers to execute arbitrary code via a crafted Real Media file. NOTE: some of these details are obtained from third party information...

SUSE CVE-2008-5240

xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for 1 the MATROSKAIDTRCODECPRIVATE track entry element processed by demuxmatroska.c; and 2 PROPTAG, 3 MDPRTAG, and 4 CONTTAG chunks processed...

SUSE CVE-2008-5241

Integer underflow in demuxqt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows remote attackers to cause a denial of service crash via a crafted media file that results in a small value of moovatomsize in a compressed MOV aka CMOVATOM...

SUSE CVE-2008-5243

The realparseheaders function in demuxreal.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input length value to "reindex into an allocated buffer," which allows remote attackers to cause a denial of service crash via a crafted value, probably an array index...