13 matches found
Mandriva Linux Security Advisory : xine-lib (MDVSA-2009:299)
Vulnerabilities have been discovered and corrected in xine-lib : - Integer overflow in the qterror parsetrakatom function in demuxers/demuxqt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom,...
CVE-2009-1274
CVE-2009-1274 : xine-lib = 1.1.16.3, or apply vendor-provided patches/workarounds. In practice, affected products rely on updates such as Gentoo’s recommendation: emerge --sync && emerge --oneshot --verbose
xine-lib STTS QuickTime原子整数溢出漏洞
BUGTRAQ ID: 34384 xine是一款免费的媒体播放器,支持多种格式。 Xine-lib在解析Quicktime电影文件的畸形STTS原子时存在整数溢出漏洞,本地或远程攻击者可以利用这个漏洞以使用xine库应用程序的权限执行任意代码。以下是/src/demuxers/demuxqt.c中的有漏洞代码段: ... 840 static qterror parsetrakatom qttrak trak, 841 unsigned char trakatom ... 1535 else if currentatom == STTSATOM 1536 1537 / there...
CVE-2008-5242
demuxqt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not validate the count field before calling calloc for STSDATOM atom allocation, which allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted media file...
CVE-2008-5237
Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via 1 crafted width and height values that are not validated by the mymngprocessheader function in demuxmng.c before u...
Integer overflow
Integer underflow in demuxqt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows remote attackers to cause a denial of service crash via a crafted media file that results in a small value of moovatomsize in a compressed MOV aka CMOVATOM...
CVE-2008-5241
Integer underflow in demuxqt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows remote attackers to cause a denial of service crash via a crafted media file that results in a small value of moovatomsize in a compressed MOV aka CMOVATOM...
Heap overflow
Multiple heap-based buffer overflows in xine-lib 1.1.12, and other versions before 1.1.15, allow remote attackers to execute arbitrary code via vectors related to 1 a crafted metadata atom size processed by the parsemoovatom function in demuxqt.c and 2 frame reading in the id3v23interpframe...
CVE-2008-5242
demuxqt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not validate the count field before calling calloc for STSDATOM atom allocation, which allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted media file...
CVE-2008-5234
Multiple heap-based buffer overflows in xine-lib 1.1.12, and other versions before 1.1.15, allow remote attackers to execute arbitrary code via vectors related to 1 a crafted metadata atom size processed by the parsemoovatom function in demuxqt.c and 2 frame reading in the id3v23interpframe...
CVE-2008-5241
Integer underflow in demuxqt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows remote attackers to cause a denial of service crash via a crafted media file that results in a small value of moovatomsize in a compressed MOV aka CMOVATOM...
CVE-2008-5242
The CVE-2008-5242 issue affects xine-lib up to 1.1.12/1.1.15, where demux_qt.c does not validate the count before calloc for STSD_ATOM, allowing a crafted media file to cause a denial of service and possibly execute arbitrary code. Publicly documented impacts include remote code execution in the ...
CVE-2008-5241
CVE-2008-5241: Integer underflow in xine-lib's demux_qt.c affects 1.1.12 and earlier 1.1.15 (and older); a crafted QuickTime/MOV file with a small moov_atom_size can crash the player (remote DoS). Remediation per Gentoo GLSA-201006-04 is to upgrade xine-lib to a fixed version (>= 1.1.16.3). Ot...