PT-2008-1882 · Xine · Xine-Lib

Published

2008-01-11

Updated

2008-09-11

CVE-2008-0238

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions xine-lib version 1.1.9

Description The issue is related to multiple heap-based buffer overflows in the rmff dump cont function, which can be exploited by remote attackers to execute arbitrary code. This can be achieved via the SDP Title, Author, or Copyright attribute. The rmff dump header function is also related to this issue.

Recommendations For xine-lib version 1.1.9, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2008-0238

Affected Products

Xine-Lib

PT-2008-1882 · Xine · Xine-Lib

CVE-2008-0238

Weakness Enumeration

Related Identifiers

Affected Products

References · 10