Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:3072
HistoryMar 21, 2008 - 12:00 a.m.

xine-lib sdpplin_parse()函数远程溢出漏洞

2008-03-2100:00:00
Root
www.seebug.org
14

0.004 Low

EPSS

Percentile

71.6%

JSON

BUGTRAQ ID: 28312
CVE(CAN) ID: CVE-2008-0073

xine是一款免费的媒体播放器,支持多种格式。

xine的input/libreal/sdpplin.c文件中的sdpplin_parse()函数存在缓冲区溢出漏洞,如果恶意的RTSP流中包含有超长的SDP参数的话,就可能触发这个溢出,导致执行任意指令。

xine-lib 1.1.10.1
xine

目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:

<a href=“http://xinehq.de/” target=“_blank”>http://xinehq.de/</a>

Related

nessus 14
slackware 1
exploitpack 1
debiancve 1
openvas 22
prion 1
securityvulns 2
ubuntucve 1
cvelist 1
redhatcve 1
seebug 1
packetstorm 1
fedora 3
cve 1
exploitdb 1
gentoo 2
debian 2
osv 2
ubuntu 1
nessus
nessus
Fedora 8 : xine-lib-1.1.11-1.fc8 (2008-2569)
2008-03-26 00:00:00
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / current : xine-lib (SSA:2008-089-03)
2008-03-31 00:00:00
openSUSE 10 Security Update : xine-devel (xine-devel-5113)
2008-03-31 00:00:00
slackware
slackware
[slackware-security] xine-lib
2008-03-30 00:05:12
exploitpack
exploitpack
MPlayer 1.0 rc2 - sdpplin_parse() Array Indexing Buffer Overflow (PoC)
2008-03-25 00:00:00
debiancve
debiancve
CVE-2008-0073
2008-03-24 22:44:00
openvas
openvas
Slackware Advisory SSA:2008-089-03 xine-lib
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2008-089-03)
2012-09-10 00:00:00
Fedora Update for xine-lib FEDORA-2008-2569
2009-02-16 00:00:00
prion
prion
Design/Logic Flaw
2008-03-24 22:44:00
securityvulns
securityvulns
[Full-disclosure] CVE-2008-0073 - MPlayer and VLC &quot;sdpplin_parse&#40;&#41;&quot; Array Indexing Vulnerability
2008-03-25 00:00:00
Xine / MPlayer / VLC buffer overflow
2008-03-25 00:00:00
ubuntucve
ubuntucve
CVE-2008-0073
2008-03-24 00:00:00
cvelist
cvelist
CVE-2008-0073
2008-03-24 22:00:00
redhatcve
redhatcve
CVE-2008-0073
2019-10-04 21:36:03
seebug
seebug
MPlayer sdpplin_parse() Array Indexing Buffer Overflow Exploit PoC
2008-03-26 00:00:00
packetstorm
packetstorm
mplayer-overflowpoc.txt
2008-03-26 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: xine-lib-1.1.11-1.fc8
2008-03-21 22:06:16
[SECURITY] Fedora 7 Update: xine-lib-1.1.11.1-1.fc7
2008-04-09 05:18:08
[SECURITY] Fedora 8 Update: xine-lib-1.1.15-1.fc8
2008-09-10 06:45:50
cve
cve
CVE-2008-0073
2008-03-24 22:44:00
exploitdb
exploitdb
MPlayer 1.0 rc2 - &#039;sdpplin_parse()&#039; Array Indexing Buffer Overflow (PoC)
2008-03-25 00:00:00
gentoo
gentoo
xine-lib: User-assisted execution of arbitrary code
2008-08-06 00:00:00
VLC: User-assisted execution of arbitrary code
2008-04-23 00:00:00
debian
debian
[SECURITY] [DSA 1536-1] New libxine packages fix several vulnerabilities
2008-03-31 20:52:02
[SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities
2008-04-09 19:26:39
osv
osv
xine-lib - several vulnerabilities
2008-03-31 00:00:00
vlc - several vulnerabilities
2008-04-09 00:00:00
ubuntu
ubuntu
xine-lib vulnerabilities
2008-08-06 00:00:00

0.004 Low

EPSS

Percentile

71.6%

JSON
Related for SSV:3072
nessus14slackware1exploitpack1debiancve1openvas22prion1securityvulns2ubuntucve1cvelist1redhatcve1seebug1packetstorm1fedora3cve1exploitdb1gentoo2debian2osv2ubuntu1