CentOS 3 / 4 : gnome-vfs2 (CESA-2009:0005)

Updated GNOME VFS packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. GNOME VFS is the GNOME virtual file system. It provides a modular architecture and...

RedHat Security Advisory RHSA-2009:0005

The remote host is missing updates announced in advisory RHSA-2009:0005. GNOME VFS is the GNOME virtual file system. It provides a modular architecture and ships with several modules that implement support for various local and remote file systems as well as numerous protocols, including HTTP, FT...

FreeBSD : mplayer -- multiple vulnerabilities (de4d4110-ebce-11dc-ae14-0016179b2dd5)

The Mplayer team reports : A buffer overflow was found in the code used to extract album titles from CDDB server answers. When parsing answers from the CDDB server, the album title is copied into a fixed-size buffer with insufficient size checks, which may cause a buffer overflow. A malicious...

MPlayer buffer overflow

Buffer overflow on parsing CDDB server data...

CVE-2006-4089

Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service application crash, or have other unknown impact, via 1 a long Location field sent by a web server, which triggers an overflow in the reconnect function in...

CVE-2006-4089

Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service application crash, or have other unknown impact, via 1 a long Location field sent by a web server, which triggers an overflow in the reconnect function in...

CVE-2006-4089

Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service application crash, or have other unknown impact, via 1 a long Location field sent by a web server, which triggers an overflow in the reconnect function in...

CVE-2006-4089

Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service application crash, or have other unknown impact, via 1 a long Location field sent by a web server, which triggers an overflow in the reconnect function in...

Multiple buffer-overflows in AlsaPlayer 0.99.76

Luigi Auriemma Application: AlsaPlayer http://www.alsaplayer.org Versions: = 0.99.76 and current CVS Platforms: nix and others Bugs: A buffer-overflow in reconnect's redirection B buffer-overflow in GTK playlist C buffer-overflow in cddblookup Exploitation: remote and local Date: 09 Aug 2006...

Mandrake Linux Security Advisory : xine-lib (MDKSA-2005:180)

When playing an Audio CD, a xine-lib based media application contacts a CDDB server to retrieve metadata like the title and artist's name. During processing of this data, a response from the server, which is located in memory on the stack, is passed to the fprintf function as a format string. An...

CVE-2005-2967

Format string vulnerability in inputcdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD...

CVE-2005-2967

Format string vulnerability in inputcdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD...

CVE-2005-2967

Format string vulnerability in inputcdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD...

CVE-2005-2967

CVE-2005-2967 is a format-string vulnerability in xine-lib’s CDDB processing. The flaw exists in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1, allowing a remote attacker to execute arbitrary code via specially crafted CDDB responses when a CD is played. The issue is tied t...

GLSA-200510-08 : xine-lib: Format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200510-08 xine-lib: Format string vulnerability Ulf Harnhammar discovered a format string bug in the routines handling CDDB server response contents. Impact : An attacker could submit malicious information about an audio CD to a...

xine-lib <= 1.1 (media player library) Remote Format String Exploit

No description provided by source. !/usr/bin/perl -- When playing an Audio CD, using xine-lib based media application, the library contacts a CDDB server to retrieve metadata like the title and artist's name. During processing of this data, a response from the server, which is located in memory o...

Xine-Lib 1.1 - Media Player Library Remote Format String

Xine-Lib 1.1 - Media Player Library Remote Format String !/usr/bin/perl -- When playing an Audio CD, using xine-lib based media application, the library contacts a CDDB server to retrieve metadata like the title and artist's name. During processing of this data, a response from the server, which ...

xine-lib media player library format string bug

Format string bug on CDDB server reponse parsing...

xine-lib <= 1.1 (media player library) Remote Format String Exploit

Exploit for linux platform in category remote exploits =================================================================== xine-lib = 1.1 media player library Remote Format String Exploit =================================================================== !/usr/bin/perl -- When playing an Audio C...

Xine-Lib 1.1 - &#039;Media Player Library&#039; Remote Format String

!/usr/bin/perl -- When playing an Audio CD, using xine-lib based media application, the library contacts a CDDB server to retrieve metadata like the title and artist's name. During processing of this data, a response from the server, which is located in memory on the stack, is passed to the fprin...