CVE-2006-2200

Name of the Vulnerable Software and Affected Versions MiMMS version 0.0.9 xine-lib versions 1.1.0 and earlier

Description The issue is a stack-based buffer overflow in libmms, which can be exploited by remote attackers to cause a denial of service, potentially leading to application crashes, and possibly allowing the execution of arbitrary code. This can occur through various functions, including send command(), string utf16(), get data(), and get media packet(), as well as possibly other functions.

Recommendations For MiMMS version 0.0.9, consider disabling the send command(), string utf16(), get data(), and get media packet() functions as a temporary workaround until a patch is available. For xine-lib versions 1.1.0 and earlier, restrict access to the vulnerable libmms module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.