CVE-2008-5240
xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for 1 the MATROSKAIDTRCODECPRIVATE track entry element processed by demuxmatroska.c; and 2 PROPTAG, 3 MDPRTAG, and 4 CONTTAG chunks processed...