CVE-2006-1664

Name of the Vulnerable Software and Affected Versions: libxine versions 1.14 and earlier xine-lib versions 1.1.1 and earlier

Description: The issue is related to a buffer overflow in the xine list delete current function, which can be triggered by a crafted MPEG stream. This allows remote attackers to execute arbitrary code.

Recommendations: For libxine versions 1.14 and earlier, update to a version later than 1.14 to resolve the issue. For xine-lib versions 1.1.1 and earlier, update to a version later than 1.1.1 to resolve the issue. As a temporary workaround, consider restricting access to MPEG streams from untrusted sources until a patch is available.