PT-2004-1011 · Xine · Xine-Lib

Published 2004-09-16 · Updated 2017-07-11 · CVE-2004-1379

CVSS v2.0: 7.5 High

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: xine-lib version 1-rc5 and earlier

Description: A heap-based buffer overflow in the DVD subpicture decoder. Remote attackers can exploit it to execute arbitrary code through a DVD or MPEG subpicture header in which the second field reuses RLE data from the end of the first field. Multiple vulnerabilities in the libxine0 package may lead to breaches of the confidentiality, integrity, and availability of protected information, and they can be exploited remotely.

Recommendations: For xine-lib version 1-rc5 and earlier, consider updating to a version later than 1-rc5 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

BDU:2015-02404
CVE-2004-1379
DSA-657-1

Affected Products

Xine-Lib