CVE-2008-5233

Name of the Vulnerable Software and Affected Versions xine-lib versions 1.1.12 through 1.1.14

Description The issue is related to the failure of malloc checks in certain functions, including the mymng process header function in demux mng.c, the open mod file function in demux mod.c, and frame buffer allocation in the real parse audio specific data function in demux real.c. This can be exploited by remote attackers using a crafted media file, potentially leading to a denial of service (crash) or possibly the execution of arbitrary code.

Recommendations For xine-lib versions 1.1.12 through 1.1.14, update to version 1.1.15 or later to resolve the issue.