2881 matches found
xine-lib buffer overflows
buffer overflow in the PNM, VCD and DVD handling code...
CVE-2004-1300
CVE-2004-1300 affects xine-lib (libxine) 1-rc7, where a buffer overflow in demux_aiff.c:open_aiff_file allows remote attackers to execute arbitrary code via a crafted AIFF file. Multiple sources (NVD, SUSE, Gentoo GLSA, OpenVAS/Nessus references) describe the vulnerability as a buffer overflow in...
CVE-2004-1300
Buffer overflow in the openaifffile function in demuxaiff.c for xine-lib libxine 1-rc7 allows remote attackers to execute arbitrary code via a crafted AIFF file...
CVE-2004-1300
Buffer overflow in the openaifffile function in demuxaiff.c for xine-lib libxine 1-rc7 allows remote attackers to execute arbitrary code via a crafted AIFF file...
Xine-Lib < 1.0-rc8 Remote Client-Side Buffer Overflow
Binary data 2459.prm...
Mandrake Linux Security Advisory : xine-lib (MDKSA-2004:105)
A number of string overflows were discovered in the xine-lib program, some of which can be used for remote buffer overflow exploits that lead to the execution of arbitrary code with the permissions of the user running a xine-lib-based media application. xine-lib versions 1-rc2 through, and...
GLSA-200409-30 : xine-lib: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200409-30 xine-lib: Multiple vulnerabilities xine-lib contains two stack-based overflows and one heap-based overflow. In the code reading VCD disc labels, the ISO disc label is copied into an unprotected stack buffer of fixed size...
[slackware-security] xine-lib
New xine-lib packages are available for Slackware 10.0 and -current to fix security issues. For more details, see: http://www.xinehq.de/index.php/security/XSA-2004-4 http://www.xinehq.de/index.php/security/XSA-2004-5 Here are the details from the Slackware 10.0 ChangeLog:...
xine-lib: Multiple vulnerabilities
Background xine-lib is a multimedia library which can be utilized to create multimedia frontends. Description xine-lib contains two stack-based overflows and one heap-based overflow. In the code reading VCD disc labels, the ISO disc label is copied into an unprotected stack buffer of fixed size...
Xine-lib < 1.0 RC6a Heap and Stack Overflows
Binary data 2304.prm...
XSA-2004-5: heap overflow in DVD subpicture decoder
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 xine security announcement ========================== Announcement-ID: XSA-2004-5 Summary: A heap overflow has been found in the DVD subpicture decoder of xine-lib. This can be used for a remote heap overflow exploit, which can, on some systems, lead ...
XSA-2004-4: multiple string overflows
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 xine security announcement ========================== Announcement-ID: XSA-2004-4 Summary: Several string overflows on the stack have been fixed in xine-lib, some of them can be used for remote buffer overflow exploits leading to the execution of...
CVE-2004-1379
Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a 1 DVD or 2 MPEG subpicture header where the second field reuses RLE data from the end of the first field...
libxine -- multiple vulnerabilities in VideoCD handling
A xine security announcement states: Several string overflows on the stack have been fixed in xine-lib, some of them can be used for remote buffer overflow exploits leading to the execution of arbitrary code with the permissions of the user running a xine-lib based media application. Stack-based...
GLSA-200405-24 : MPlayer, xine-lib: vulnerabilities in RTSP stream handling
The remote host is affected by the vulnerability described in GLSA-200405-24 MPlayer, xine-lib: vulnerabilities in RTSP stream handling Multiple vulnerabilities have been found and fixed in the RTSP handling code common to recent versions of these two packages. These vulnerabilities include sever...
GLSA-200408-18 : xine-lib: VCD MRL buffer overflow
The remote host is affected by the vulnerability described in GLSA-200408-18 xine-lib: VCD MRL buffer overflow xine-lib contains a bug where it is possible to overflow the vcd:// input source identifier management buffer through carefully crafted playlists. Impact : An attacker may construct a...
GLSA-200404-20 : Multiple vulnerabilities in xine
The remote host is affected by the vulnerability described in GLSA-200404-20 Multiple vulnerabilities in xine Several vulnerabilities were found in xine-ui and xine-lib. By opening a malicious MRL in any xine-lib based media player, an attacker can write arbitrary content to an arbitrary file, on...
[ GLSA 200408-18 ] xine-lib: VCD MRL buffer overflow
Gentoo Linux Security Advisory GLSA 200408-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
CVE-2004-0433
Multiple buffer overflows in the Real-Time Streaming Protocol RTSP client for 1 MPlayer before 1.0pre4 and 2 xine lib xine-lib before 1-rc4, when playing Real RTSP realrtsp streams, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long URLs, b lo...
CVE-2004-0433
Multiple buffer overflows in the Real-Time Streaming Protocol RTSP client for 1 MPlayer before 1.0pre4 and 2 xine lib xine-lib before 1-rc4, when playing Real RTSP realrtsp streams, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long URLs, b lo...