5 matches found
SUSE CVE-2008-5247
The realparseaudiospecificdata function in demuxreal.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, uses an untrusted height aka codecdatalength value as a divisor, which allow remote attackers to cause a denial of service divide-by-zero error and crash via a zero value...
openSUSE Security Update : xine-devel (xine-devel-483)
This update of xine fixes multiple buffer overflows while parsing files : - CVE-2008-3231 - CVE-2008-5233 - CVE-2008-5234 - CVE-2008-5235 - CVE-2008-5236 - CVE-2008-5237 - CVE-2008-5238 - CVE-2008-5239 - CVE-2008-5240 - CVE-2008-5241 - CVE-2008-5242 - CVE-2008-5243 - CVE-2008-5244 - CVE-2008-5245...
openSUSE 10 Security Update : xine-devel (xine-devel-5966)
This update of xine fixes multiple buffer overflows while parsing files : - CVE-2008-3231 - CVE-2008-5233 - CVE-2008-5234 - CVE-2008-5235 - CVE-2008-5236 - CVE-2008-5237 - CVE-2008-5238 - CVE-2008-5239 - CVE-2008-5240 - CVE-2008-5241 - CVE-2008-5242 - CVE-2008-5243 - CVE-2008-5244 - CVE-2008-5245...
CVE-2008-5247
The realparseaudiospecificdata function in demuxreal.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, uses an untrusted height aka codecdatalength value as a divisor, which allow remote attackers to cause a denial of service divide-by-zero error and crash via a zero value...
CVE-2008-5247
CVE-2008-5247 affects xine-lib 1.1.12 and earlier (up to 1.1.15): the function real_parse_audio_specific_data uses an untrusted height (codec_data_length) as a divisor, allowing a remote attacker to trigger a divide-by-zero error and crash. Mitigation: upgrade to xine-lib 1.1.16.3 or later as per...