Xine-lib@1 rc0 Security Vulnerabilities and Issues — Xine-lib@1 rc0 CVE List

Lucene search

XineXine-lib1 rc0

3 matches found

CVE•added 2005/01/19 5:0 a.m.•58 views

CVE-2004-1379

Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the second field reuses RLE data from the end of the first field.

7.5CVSS7.7AI score0.0354EPSS

CVE•added 2005/01/10 5:0 a.m.•43 views

CVE-2004-1187

Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.

10CVSS7.8AI score0.05704EPSS

CVE•added 2005/01/10 5:0 a.m.•43 views

CVE-2004-1188

The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DA...

10CVSS6.6AI score0.05704EPSS