10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.141 Low
EPSS
Percentile
95.7%
Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact and
attack vectors related to libfaad. NOTE: due to the lack of details, it is
not clear whether this is an issue in xine-lib or in libfaad.
Author | Note |
---|---|
mdeslaur | Same AAC issue as the first part of CVE-2008-4610 looks like debian fixed this by building xine-lib with the system faad, which is in universe for us… Tester is lol-vlc.aac. Doesn’t crash intrepid. xine 1.1.15 updated built-in libfaad to get rid of crashers Not sure what to do for older versions… |