SUSE CVE-2008-0238

Multiple heap-based buffer overflows in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP 1 Title, 2 Author, or 3 Copyright attribute, related to the rmffdumpheader function, different vectors than CVE-2008-0225. NOTE:...

CVE-2008-0238

Multiple heap-based buffer overflows in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP 1 Title, 2 Author, or 3 Copyright attribute, related to the rmffdumpheader function, different vectors than CVE-2008-0225. NOTE:...

xine-lib rmff_dump_cont()远程堆溢出漏洞

BUGTRAQ ID: 27198 xine是一款免费的媒体播放器，支持多种格式。 xine处理畸形格式的数据时存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。 xine的input/libreal/rmff.c文件中的rmffdumpcont函数没有正确地处理SDP Title、Author、Copyright和Abstract属性，如果用户受骗连接到了恶意的RTSP服务器的话，就可能触发堆溢出，导致执行任意指令。以下是input/libreal/rmff.c中的漏洞代码： int rmffdumpheaderrmffheadert h, char buffer, int m...

CVE-2008-0225

Heap-based buffer overflow in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmffdumpheader function and related to disregarding the max field. NOTE...