CVE-2009-1274

Integer overflow in the qterror parsetrakatom function in demuxers/demuxqt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow...

Mandriva Security Advisory MDVSA-2009:299 (xine-lib)

The remote host is missing an update to xine-lib announced via advisory MDVSA-2009:299. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandriva Linux Security Advisory : xine-lib (MDVSA-2009:299)

Vulnerabilities have been discovered and corrected in xine-lib : - Integer overflow in the qterror parsetrakatom function in demuxers/demuxqt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom,...

CVE-2009-1274

Integer overflow in the qterror parsetrakatom function in demuxers/demuxqt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow...

Integer overflow

Integer overflow in the qterror parsetrakatom function in demuxers/demuxqt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow...

CVE-2009-1274

Integer overflow in the qterror parsetrakatom function in demuxers/demuxqt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow...

CVE-2009-1274

CVE-2009-1274 : xine-lib = 1.1.16.3, or apply vendor-provided patches/workarounds. In practice, affected products rely on updates such as Gentoo’s recommendation: emerge --sync && emerge --oneshot --verbose

CVE-2006-2458

CVE-2006-2458: Libextractor (up to 0.5.13) contains two heap-based buffer overflows—one in the ASF plugin (asf_read_header) and one in the QT plugin (parse_trak_atom)—allowing remote code execution. Connected advisories corroborate vulnerable versions and indicate a fix was released (e.g., Debian...

Two heap overflow in libextractor 0.5.13 (rev 2832)

Luigi Auriemma Application: libextractor http://gnunet.org/libextractor/ Versions: = 0.5.13 rev 2832 Platforms: nix, BSD, Windows and more Bugs: A heap overflow in asfextractor B heap overflow in qtextractor Exploitation: local Date: 17 May 2006 Author: Luigi Auriemma e-mail: [email protected]...