Vulnerabilities > CVE-2005-1692 - Unspecified vulnerability in Xine Gxine

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
xine
nessus
NVD
Published: 2005-05-24
Updated: 2024-02-14

Summary

Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format string specifiers.

Vulnerable Configurations

Part Description Count
Application
Xine
4

Nessus

  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2005-203-04.NASL
    descriptionNew gxine packages are available for Slackware 10.0, 10.1, and -current to fix a format string security issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id19855
    published2005-10-05
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/19855
    titleSlackware 10.0 / 10.1 / current : gxine format string vulnerability (SSA:2005-203-04)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200505-19.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200505-19 (gxine: Format string vulnerability) Exworm discovered that gxine insecurely implements formatted printing in the hostname decoding function. Impact : A remote attacker could entice a user to open a carefully crafted file with gxine, possibly leading to the execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id18383
    published2005-05-28
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18383
    titleGLSA-200505-19 : gxine: Format string vulnerability

References