Vulnerabilities > Xine > Xine LIB
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-11-26 | CVE-2008-5240 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xine Xine-Lib xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for (1) the MATROSKA_ID_TR_CODECPRIVATE track entry element processed by demux_matroska.c; and (2) PROP_TAG, (3) MDPR_TAG, and (4) CONT_TAG chunks processed by the real_parse_headers function in demux_real.c; which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) or possibly execute arbitrary code via a crafted value. | 4.3 |
| 2008-11-26 | CVE-2008-5239 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xine Xine-Lib xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not properly handle (a) negative and (b) zero values during unspecified read function calls in input_file.c, input_net.c, input_smb.c, and input_http.c, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via vectors such as (1) a file or (2) an HTTP response, which triggers consequences such as out-of-bounds reads and heap-based buffer overflows. | 4.3 |
| 2008-11-26 | CVE-2008-5234 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xine Xine-Lib Multiple heap-based buffer overflows in xine-lib 1.1.12, and other versions before 1.1.15, allow remote attackers to execute arbitrary code via vectors related to (1) a crafted metadata atom size processed by the parse_moov_atom function in demux_qt.c and (2) frame reading in the id3v23_interp_frame function in id3.c. | 9.3 |
| 2008-11-26 | CVE-2008-5233 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xine Xine-Lib xine-lib 1.1.12, and other versions before 1.1.15, does not check for failure of malloc in circumstances including (1) the mymng_process_header function in demux_mng.c, (2) the open_mod_file function in demux_mod.c, and (3) frame_buffer allocation in the real_parse_audio_specific_data function in demux_real.c, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted media file. | 4.3 |
| 2008-07-18 | CVE-2008-3231 | Improper Input Validation vulnerability in Xine Xine-Lib xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via a crafted OGG file, as demonstrated by playing lol-ffplay.ogg with xine. | 4.3 |
| 2008-04-17 | CVE-2008-1878 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Xine Xine-Lib Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title. | 7.5 |
| 2008-04-08 | CVE-2008-1686 | Numeric Errors vulnerability in multiple products Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer. | 9.3 |
| 2008-03-24 | CVE-2008-1482 | Buffer Errors vulnerability in Xine Xine-Lib 1.1.11 Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via (1) a crafted .FLV file, which triggers an overflow in demuxers/demux_flv.c; (2) a crafted .MOV file, which triggers an overflow in demuxers/demux_qt.c; (3) a crafted .RM file, which triggers an overflow in demuxers/demux_real.c; (4) a crafted .MVE file, which triggers an overflow in demuxers/demux_wc3movie.c; (5) a crafted .MKV file, which triggers an overflow in demuxers/ebml.c; or (6) a crafted .CAK file, which triggers an overflow in demuxers/demux_film.c. | 6.8 |
| 2008-03-24 | CVE-2008-0073 | Numeric Errors vulnerability in Xine Xine-Lib 1.1.10.1 Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter. | 6.8 |
| 2008-02-05 | CVE-2008-0486 | Numeric Errors vulnerability in multiple products Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. | 7.5 |