CVE-2004-1188

Name of the Vulnerable Software and Affected Versions: xine versions 0.99.2 and earlier MPlayer versions (affected versions not specified)

Description: The issue arises from the pnm get chunk function not properly verifying that the chunk size is less than the PREAMBLE SIZE, leading to a buffer overflow. This can occur via specific tag values, including RMF TAG, DATA TAG, PROP TAG, MDPR TAG, and CONT TAG.

Recommendations: For xine versions 0.99.2 and earlier, update to a version that fixes this issue. For MPlayer, at the moment, there is no information about a newer version that contains a fix for this vulnerability.