Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2009/01/13 12:0 a.m.28 views

GLSA-200901-07 : MPlayer: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200901-07 MPlayer: Multiple vulnerabilities Multiple vulnerabilities have been reported in MPlayer: A stack-based buffer overflow was found in the strreadpacket function in libavformat/psxstr.c when processing crafted STR files th...

10CVSS6.5AI score0.10852EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2008/11/26 1:30 a.m.16 views

CVE-2008-5247

The realparseaudiospecificdata function in demuxreal.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, uses an untrusted height aka codecdatalength value as a divisor, which allow remote attackers to cause a denial of service divide-by-zero error and crash via a zero value...

4.3CVSS5.9AI score0.01511EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2008/11/26 1:30 a.m.21 views

CVE-2008-5240

xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for 1 the MATROSKAIDTRCODECPRIVATE track entry element processed by demuxmatroska.c; and 2 PROPTAG, 3 MDPRTAG, and 4 CONTTAG chunks processed...

4.3CVSS6.2AI score0.04191EPSS
Exploits0References4
Prion
Prion
added 2008/11/26 1:30 a.m.13 views

Denial of service

The realparseaudiospecificdata function in demuxreal.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, uses an untrusted height aka codecdatalength value as a divisor, which allow remote attackers to cause a denial of service divide-by-zero error and crash via a zero value...

4.3CVSS6.6AI score0.01511EPSS
Exploits0References8Affected Software1
Prion
Prion
added 2008/11/26 1:30 a.m.15 views

Design/Logic Flaw

xine-lib 1.1.12, and other versions before 1.1.15, does not check for failure of malloc in circumstances including 1 the mymngprocessheader function in demuxmng.c, 2 the openmodfile function in demuxmod.c, and 3 framebuffer allocation in the realparseaudiospecificdata function in demuxreal.c, whi...

4.3CVSS7.9AI score0.03345EPSS
Exploits0References15Affected Software1
Prion
Prion
added 2008/11/26 1:30 a.m.8 views

Integer overflow

Integer overflow in the realparsemdpr function in demuxreal.c in xine-lib 1.1.12, and other versions before 1.1.15, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted streamnamesize field...

7.1CVSS8.3AI score0.03646EPSS
Exploits0References11Affected Software1
CVE
CVE
added 2008/11/26 1:0 a.m.60 views

CVE-2008-5243

CVE-2008-5243 affects xine-lib (1.1.12 and earlier) where real_parse_headers uses an untrusted input length to reindex into an allocated buffer, enabling remote DoS via crafted media files. Multiple advisories (Gentoo GLSA 2010/06, Mandriva MDVSA-2009:319, SUSE security) enumerate related buffer/...

4.3CVSS7.1AI score0.01798EPSS
Exploits0References12Affected Software1
CVE
CVE
added 2008/11/26 1:0 a.m.48 views

CVE-2008-5247

CVE-2008-5247 affects xine-lib 1.1.12 and earlier (up to 1.1.15): the function real_parse_audio_specific_data uses an untrusted height (codec_data_length) as a divisor, allowing a remote attacker to trigger a divide-by-zero error and crash. Mitigation: upgrade to xine-lib 1.1.16.3 or later as per...

4.3CVSS7.2AI score0.01511EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder