2881 matches found
xine-lib: VCD MRL buffer overflow
Background xine-lib is a multimedia library which can be utilized to create multimedia frontends. Description xine-lib contains a bug where it is possible to overflow the vcd:// input source identifier management buffer through carefully crafted playlists. Impact An attacker may construct a...
Solaris 9 (sparc) : 112923-04
SunOS 5.9: krb5 usr/lib patch. Date this patch was last updated by Sun : Aug/10/07 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Xine-Lib 0.99 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/10890/info It is reported that the xine media library is affected by a remote buffer overflow vulnerability. This issue can allow a remote attacker to gain unauthorized access to a vulnerable computer. xine-lib rc-5 and prior versions are reportedly...
FreeBSD : xine-lib arbitrary file overwrite (96)
The following package needs to be updated: libxine %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkge50b04e89c5511d893660020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...
MPlayer, xine-lib: vulnerabilities in RTSP stream handling
Background MPlayer is a movie player capable of handling multiple multimedia file formats. xine-lib is a multimedia player library used by several graphical user interfaces, including xine-ui. They both use the same code to handle Real-Time Streaming Protocol RTSP streams from RealNetworks server...
CVE-2004-0433
Multiple buffer overflows in the Real-Time Streaming Protocol RTSP client for 1 MPlayer before 1.0pre4 and 2 xine lib xine-lib before 1-rc4, when playing Real RTSP realrtsp streams, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long URLs, b lo...
CVE-2004-0433
CVE-2004-0433: Multiple buffer overflows in the RTSP client handling of RealRTSP streams affect MPlayer (before 1.0pre4) and xine-lib (before 1-rc4). The flaws enable denial of service (crash) and potentially arbitrary code execution via long URLs, long Real server responses, or long RDT packets....
CVE-2004-0433
Multiple buffer overflows in the Real-Time Streaming Protocol RTSP client for 1 MPlayer before 1.0pre4 and 2 xine lib xine-lib before 1-rc4, when playing Real RTSP realrtsp streams, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long URLs, b lo...
xine-lib update
New xine-lib packages are available for Slackware 9.1 and -current to fix a security issue where playing a specially crafted Real RTSP stream could run malicious code as the user playing the stream. More details about this issue may be found in this advisory:...
Props 0.6.1 XSS and Remote File Viewing Vulnerability
Title: Props 0.6.1 XSS and Remote File Viewing Vulnerability. Software: Props 0.6.1 Vendor: http://props.sourceforge.net/ Platform: PHP4 and MySQL Description: PROPS is an open, extensible Internet publishing system designed specifically for periodicals such as newspapers and magazines who want t...
[UNIX] Remote Buffer Overflow Vulnerabilities in Real RTSP Streaming
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
Multiple vulnerabilities in xine
Background xine is a multimedia player allowing to play back CDs, DVDs, and VCDs and decoding multimedia files like AVI, MOV, WMV, and MP3 from local disk drives, and displays multimedia streamed over the Internet. It is available in Gentoo as a reusable library xine-lib with a standard user...
xine-lib arbitrary file overwrite
From the xinehq advisory: By opening a malicious MRL in any xine-lib based media player, an attacker can write arbitrary content to an arbitrary file, only restricted by the permissions of the user running the application. The flaw is a result of a feature that allows MRLs media resource locator...
CVE-2002-2251
Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows remote attackers to execute arbitrary code via a long argument...
Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C.
======================================== INetCop Security Advisory 2002-0x82-007 ======================================== Title: Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C. 0x01. Description A simple mode of develop CGI in language C. The libcgi package is a library...
Lib CGI 0.1 - Include Buffer Overflow
// source: https://www.securityfocus.com/bid/6264/info Lib CGI is a freely available, open source CGI library for C programmers. It is available for Unix and Linux operating systems. It has been reported that a buffer overflow exists in the Lib CGI development library. Due to improper bounds...
Lib CGI 0.1 - Include Buffer Overflow
Lib CGI 0.1 - Include Buffer Overflow // source: https://www.securityfocus.com/bid/6264/info Lib CGI is a freely available, open source CGI library for C programmers. It is available for Unix and Linux operating systems. It has been reported that a buffer overflow exists in the Lib CGI developmen...
Lib CGI Include Buffer Overflow Vulnerability
...
libhttpdbug.txt
======================================== INetCop Security Advisory 2002-0x82-003 ======================================== Title: Remote Buffer Overflow vulnerability in Lib HTTPd. 0x01. Description LibHTTPD can be used to add basic web server capabilities to an application or embedded device...
Remote Buffer Overflow vulnerability in Lib HTTPd.
======================================== INetCop Security Advisory 2002-0x82-003 ======================================== Title: Remote Buffer Overflow vulnerability in Lib HTTPd. 0x01. Description LibHTTPD can be used to add basic web server capabilities to an application or embedded device...