Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2009-0698
HistoryFeb 23, 2009 - 12:00 a.m.

CVE-2009-0698

2009-02-2300:00:00
ubuntu.com
ubuntu.com
8

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.067 Low

EPSS

Percentile

93.8%

JSON

Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib
1.1.16.1 allows remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code via a 4X movie file with a large
current_track value, a similar issue to CVE-2009-0385.

Bugs

Notes

Author Note
mdeslaur when fixing this, also add in patch for CVE-2008-5239 regression: http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=b11cc37934629a2965859163db6095fbbe2b44be;style=gitweb details: http://bugs.xine-project.org/show_bug.cgi?id=204 details: https://bugs.launchpad.net/ubuntu/+source/xine-lib/+bug/322834
OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchxine-lib<Β 1.1.1+ubuntu2-7.11UNKNOWN
ubuntu7.10noarchxine-lib<Β 1.1.7-1ubuntu1.5UNKNOWN
ubuntu8.04noarchxine-lib<Β 1.1.11.1-1ubuntu3.3UNKNOWN
ubuntu8.10noarchxine-lib<Β 1.1.15-0ubuntu3.2UNKNOWN

Related

cve 3
nessus 30
openvas 50
prion 3
debiancve 2
ubuntu 4
freebsd 3
seebug 1
ubuntucve 3
slackware 1
checkpoint_advisories 1
fedora 4
debian 2
osv 2
gentoo 2
ibm 1
cve
cve
CVE-2009-0698
2009-02-23 15:30:00
CVE-2008-5239
2008-11-26 01:30:00
CVE-2009-0385
2009-02-02 19:30:00
nessus
nessus
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : xine-lib vulnerability (USN-746-1)
2009-04-23 00:00:00
Mandriva Linux Security Advisory : xine-lib (MDVSA-2009:299)
2009-11-16 00:00:00
FreeBSD : libxine -- multiple vulnerabilities (51d1d428-42f0-11de-ad22-000e35248ad7)
2009-05-18 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-746-1)
2009-04-06 00:00:00
Mandriva Security Advisory MDVSA-2009:299 (xine-lib)
2009-11-17 00:00:00
Mandriva Security Advisory MDVSA-2009:299 (xine-lib)
2009-11-17 00:00:00
prion
prion
Integer overflow
2009-02-23 15:30:00
Integer overflow
2009-02-02 19:30:00
Heap overflow
2008-11-26 01:30:00
debiancve
debiancve
CVE-2009-0698
2009-02-23 15:30:00
CVE-2009-0385
2009-02-02 19:30:00
ubuntu
ubuntu
xine-lib vulnerability
2009-03-26 00:00:00
xine-lib vulnerabilities
2009-04-20 00:00:00
FFmpeg vulnerabilities
2009-03-16 00:00:00
freebsd
freebsd
libxine -- multiple vulnerabilities
2009-02-15 00:00:00
ffmpeg -- 4xm processing memory corruption vulnerability
2009-01-28 00:00:00
libxine -- multiple vulnerabilities
2009-04-04 00:00:00
seebug
seebug
FFmpeg 4xmζ–‡δ»Άθ§£ζžε†…ε­˜η ΄εζΌζ΄ž
2009-02-19 00:00:00
ubuntucve
ubuntucve
CVE-2008-5239
2008-11-26 00:00:00
CVE-2009-0385
2009-02-02 00:00:00
CVE-2009-1274
2009-04-08 00:00:00
slackware
slackware
xine-lib
2009-04-07 23:31:21
checkpoint_advisories
checkpoint_advisories
FFmpeg 4xm Processing Memory Corruption (CVE-2009-0385)
2009-11-03 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: xine-lib-1.1.16.3-1.fc10
2009-04-09 16:08:28
[SECURITY] Fedora 9 Update: xine-lib-1.1.16.3-1.fc9
2009-04-09 16:07:39
[SECURITY] Fedora 10 Update: xine-lib-1.1.16-1.fc10
2009-01-15 03:02:41
debian
debian
[SECURITY] [DSA 1781-1] New ffmpeg-debian packages fix arbitrary code execution
2009-04-29 07:00:35
[SECURITY] [DSA 1782-1] New mplayer packages fix arbitrary code execution
2009-04-29 07:01:08
osv
osv
ffmpeg ffmpeg-debian - arbitrary code execution
2009-04-29 00:00:00
mplayer - arbitrary code execution
2009-04-29 00:00:00
gentoo
gentoo
FFmpeg: Multiple vulnerabilities
2009-03-19 00:00:00
xine-lib: User-assisted execution of arbitrary code
2010-06-01 00:00:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities Have Been Identified In IBM Security Verify Privilege Vault previously known as IBM Security Secret Server
2020-09-23 05:03:22

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.067 Low

EPSS

Percentile

93.8%

JSON
Related for UB:CVE-2009-0698
cve3nessus30openvas50prion3debiancve2ubuntu4freebsd3seebug1ubuntucve3slackware1checkpoint_advisories1fedora4debian2osv2gentoo2ibm1