4 matches found
FreeBSD : xine-lib arbitrary file overwrite (e50b04e8-9c55-11d8-9366-0020ed76ef5a)
From the xinehq advisory : By opening a malicious MRL in any xine-lib based media player, an attacker can write arbitrary content to an arbitrary file, only restricted by the permissions of the user running the application. The flaw is a result of a feature that allows MRLs media resource locator...
CVE-2004-1951
CVE-2004-1951 affects xine 1.x (alpha/beta, 1.0rc through 1.0rc3a) and xine-ui 0.9.21–0.9.23. The vulnerability allows a remote attacker to overwrite arbitrary files via MRL links using the audio.sun_audio_device or dxr3.devicename options. Impact is arbitrary file writes within the permissions o...
CVE-2004-1951
xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the 1 audio.sunaudiodevice or 2 dxr3.devicename options in an MRL link...
DEBIAN-CVE-2004-1951
xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the 1 audio.sunaudiodevice or 2 dxr3.devicename options in an MRL link...