Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2008-5246
HistoryNov 26, 2008 - 12:00 a.m.

CVE-2008-5246

2008-11-2600:00:00
ubuntu.com
ubuntu.com
11

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.107 Low

EPSS

Percentile

95.0%

JSON

Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow remote
attackers to execute arbitrary code via vectors that send ID3 data to the
(1) id3v22_interp_frame and (2) id3v24_interp_frame functions in
src/demuxers/id3.c. NOTE: the provenance of this information is unknown;
the details are obtained solely from third party information.

Notes

Author Note
mdeslaur this appears to be the same bug as the (2) part of CVE-2008-5234
OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchxine-lib< 1.1.1+ubuntu2-7.10UNKNOWN
ubuntu7.10noarchxine-lib< 1.1.7-1ubuntu1.4UNKNOWN
ubuntu8.04noarchxine-lib< 1.1.11.1-1ubuntu3.2UNKNOWN

Related

ubuntucve 2
cve 2
prion 2
debiancve 1
openvas 16
freebsd 1
nessus 12
ubuntu 1
fedora 2
gentoo 1
ubuntucve
ubuntucve
CVE-2008-5234
2008-11-26 00:00:00
CVE-2008-5242
2008-11-25 00:00:00
cve
cve
CVE-2008-5234
2008-11-26 01:30:00
CVE-2008-5246
2008-11-26 01:30:00
prion
prion
Heap overflow
2008-11-26 01:30:00
Heap overflow
2008-11-26 01:30:00
debiancve
debiancve
CVE-2008-5246
2008-11-26 01:30:00
openvas
openvas
FreeBSD Ports: libxine
2009-05-20 00:00:00
Mandrake Security Advisory MDVSA-2009:020 (xine-lib)
2009-01-26 00:00:00
FreeBSD Ports: libxine
2009-05-20 00:00:00
freebsd
freebsd
libxine -- multiple vulnerabilities
2009-02-15 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : xine-lib (MDVSA-2009:020)
2009-04-23 00:00:00
FreeBSD : libxine -- multiple vulnerabilities (51d1d428-42f0-11de-ad22-000e35248ad7)
2009-05-18 00:00:00
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : xine-lib vulnerabilities (USN-710-1)
2009-04-23 00:00:00
ubuntu
ubuntu
xine-lib vulnerabilities
2009-01-26 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: xine-lib-1.1.16-1.fc10
2009-01-15 03:02:41
[SECURITY] Fedora 9 Update: xine-lib-1.1.16-1.fc9.1
2009-01-15 03:07:21
gentoo
gentoo
xine-lib: User-assisted execution of arbitrary code
2010-06-01 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.107 Low

EPSS

Percentile

95.0%

JSON
Related for UB:CVE-2008-5246
ubuntucve2cve2prion2debiancve1openvas16freebsd1nessus12ubuntu1fedora2gentoo1