3 matches found
openSUSE Security Update : xine-devel (xine-devel-483)
This update of xine fixes multiple buffer overflows while parsing files : - CVE-2008-3231 - CVE-2008-5233 - CVE-2008-5234 - CVE-2008-5235 - CVE-2008-5236 - CVE-2008-5237 - CVE-2008-5238 - CVE-2008-5239 - CVE-2008-5240 - CVE-2008-5241 - CVE-2008-5242 - CVE-2008-5243 - CVE-2008-5244 - CVE-2008-5245...
openSUSE 10 Security Update : xine-devel (xine-devel-5966)
This update of xine fixes multiple buffer overflows while parsing files : - CVE-2008-3231 - CVE-2008-5233 - CVE-2008-5234 - CVE-2008-5235 - CVE-2008-5236 - CVE-2008-5237 - CVE-2008-5238 - CVE-2008-5239 - CVE-2008-5240 - CVE-2008-5241 - CVE-2008-5242 - CVE-2008-5243 - CVE-2008-5244 - CVE-2008-5245...
CVE-2008-5238
CVE-2008-5238 has concrete technical details: xine-lib’s demux_real.c real_parse_mdpr function contains an integer overflow in versions up to 1.1.14 (affecting 1.1.12 and other pre-1.1.15 builds) that can be triggered by a crafted stream_name_size field. The impact is a remote denial of service (...