55 matches found
Design/Logic Flaw
An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin acts as an MQTT broker server, it mishandles incoming network messages. After processing a crafted packet, the plugin's mqttpacketdrop function in /plugins/inmqtt/mqttprot.c executes the memmove functio...
CVE-2019-9749
An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin acts as an MQTT broker server, it mishandles incoming network messages. After processing a crafted packet, the plugin's mqttpacketdrop function in /plugins/inmqtt/mqttprot.c executes the memmove functio...
CVE-2019-9749
The CVE-2019-9749 entry pertains to Fluent Bit’s MQTT input plugin (up to version 1.0.4) when acting as an MQTT broker. The root cause is in mqtt_packet_drop (plugins/in_mqtt/mqtt_prot.c): after processing a crafted packet, memmove() is invoked with a negative size, causing a crash of the Fluent ...
Gentoo Security Advisory GLSA 200612-02 (xine-lib)
The remote host is missing updates announced in advisory GLSA 200612-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Buffer overflow
Buffer overflow in the vorbisstreaminfo function in input/vorbis/vorbisengine.c aka the vorbis input plugin in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments...
CVE-2007-5301
Buffer overflow in the vorbisstreaminfo function in input/vorbis/vorbisengine.c aka the vorbis input plugin in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments...
DEBIAN-CVE-2007-5301
Buffer overflow in the vorbisstreaminfo function in input/vorbis/vorbisengine.c aka the vorbis input plugin in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments...
CVE-2007-5301
Buffer overflow in the vorbisstreaminfo function in input/vorbis/vorbisengine.c aka the vorbis input plugin in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments...
CVE-2007-5301
Buffer overflow in the vorbisstreaminfo function in input/vorbis/vorbisengine.c aka the vorbis input plugin in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments...
CVE-2007-5301
Buffer overflow in the vorbisstreaminfo function in input/vorbis/vorbisengine.c aka the vorbis input plugin in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments...
CVE-2007-5301
Buffer overflow in the vorbisstreaminfo function in input/vorbis/vorbisengine.c aka the vorbis input plugin in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments...
AlsaPlayer 0.99.x - Vorbis Input Plugin OGG Processing Remote Buffer Overflow
source: https://www.securityfocus.com/bid/25969/info AlsaPlayer is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer. Exploiting this issue allows attackers to execute arbitrary machine...
GLSA-200612-02 : xine-lib: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200612-02 xine-lib: Buffer overflow A possible buffer overflow has been reported in the Real Media input plugin. Impact : An attacker could exploit this vulnerability by enticing a user into loading a specially crafted stream with...
DEBIAN-CVE-2006-6172
Buffer overflow in the asmrpeval function in the RealMedia RTSP stream handler asmrp.c for Real Media input plugin, as used in 1 xine/xine-lib, 2 MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a ruleboo...
XINE format string bugs when handling non existen file
Author : KaDaL-X email : [email protected] website : http://kandangjamur.net Software tested Version : 0.99.4 Vendor : http://xine.sourceforge.net Proof Of Concept : Type in your unix console something like this : kandangjamur$xine p-p.mp3 Then, there are two error alert box causing by this...