Lucene search

K
ubuntucveUbuntu.comUB:CVE-2005-2967
HistoryOct 14, 2005 - 12:00 a.m.

CVE-2005-2967

2005-10-1400:00:00
ubuntu.com
ubuntu.com
10

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.8%

Format string vulnerability in input_cdda.c in xine-lib 1-beta through
1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to
execute arbitrary code via format string specifiers in metadata in CDDB
server responses when the victim plays a CD.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchxine-extracodecs< 1.1.1+ubuntu1-2UNKNOWN
ubuntu6.10noarchxine-extracodecs< 1.1.1+ubuntu1-2UNKNOWN
ubuntu7.04noarchxine-extracodecs< 1.1.1+ubuntu1-2UNKNOWN
ubuntu6.06noarchxine-lib< 1.1.1+ubuntu2-7.7UNKNOWN
ubuntu6.10noarchxine-lib< 1.1.2+repacked1-0ubuntu3.4UNKNOWN
ubuntu7.04noarchxine-lib< 1.1.4-2ubuntu3UNKNOWN

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.8%