Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xine xine-lib 1 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2007-1387
The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and previous versions, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote malicious users to cause a buffer overflow and possibly execute arbitrary code, a...
Mplayer Mplayer
515
VMScore
CVE-2004-1475
Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow malicious users to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines.
Xine Xine-lib 0.99
Xine Xine 1 Rc3
Xine Xine 1 Rc4
Xine Xine-lib 1 Rc4
Xine Xine-lib 1 Rc5
Xine Xine 0.9.18
Xine Xine 1 Rc2
Xine Xine-lib 1 Rc2
Xine Xine-lib 1 Rc3
Xine Xine 1 Rc5
1 EDB exploit
505
VMScore
CVE-2004-1951
xine 1.x alpha, 1.x beta, and 1.0rc up to and including 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote malicious users to overwrite arbitrary files via the (1) audio.sun_audio_device or (2) dxr3.devicename options in an MRL link.
Xine Xine-lib 1 Rc3a
Xine Xine-lib 1 Rc3b
Xine Xine 1 Beta10
Xine Xine 1 Beta11
Xine Xine 1 Beta7
Xine Xine 1 Beta8
Xine Xine 1 Rc3b
Xine Xine-lib 1 Rc2
Xine Xine 0.9.13
Xine Xine 0.9.8
Xine Xine 1 Beta1
Xine Xine 1 Beta5
Xine Xine 1 Beta6
Xine Xine 1 Rc3
Xine Xine 1 Rc3a
Xine Xine-lib 1 Rc3c
Xine Xine-ui 0.9.21
Xine Xine 1 Beta12
Xine Xine 1 Beta2
Xine Xine 1 Beta9
Xine Xine 1 Rc0a
Xine Xine-ui 0.9.22
1 EDB exploit
454
VMScore
CVE-2006-2200
Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and (b) xine-lib 1.1.0 and previous versions, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_d...
Xine Xine-lib 1.1.0
Mimms Mimms 0.0.9
454
VMScore
CVE-2004-1476
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows malicious users to execute arbitrary code via a VideoCD with an unterminated disk label.
Xine Xine 0.9.18
Xine Xine 1 Rc2
Xine Xine-lib 0.99
Xine Xine-lib 1 Rc2
Xine Xine-lib 1 Rc3
Xine Xine 1 Rc5
Xine Xine-lib 1 Rc4
Xine Xine-lib 1 Rc5
Xine Xine 1 Rc3
Xine Xine 1 Rc4
Suse Suse Linux 8.2
Suse Suse Linux 9.0
Suse Suse Linux 9.2
Suse Suse Linux 8.0
Suse Suse Linux 8.1
Suse Suse Linux 9.1
445
VMScore
CVE-2009-1274
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and previous versions allows remote malicious users to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buf...
Xine Xine-lib 1.1.11
Xine Xine-lib 1.1.11.1
Xine Xine-lib 1.1.10
Xine Xine-lib 1.1.14
Xine Xine-lib 1.1.13
Xine Xine-lib 1.1.16.1
Xine Xine-lib 1.1.16.2
Xine Xine-lib 1.1.15
Xine Xine-lib 1.1.12
Xine Xine-lib 1.1.1
Xine Xine-lib 1.1.10.1
Xine Xine-lib 1.1.0
383
VMScore
CVE-2008-5243
The real_parse_headers function in demux_real.c in xine-lib 1.1.12, and other 1.1.15 and previous versions versions, relies on an untrusted input length value to "reindex into an allocated buffer," which allows remote malicious users to cause a denial of service (crash)...
Xine Xine-lib 1.1.10.1
Xine Xine-lib 1.1.10
Xine Xine-lib 1.1.4
Xine Xine-lib 1.1.3
Xine Xine-lib 1
Xine Xine-lib 1 Beta9
Xine Xine-lib 1 Beta8
Xine Xine-lib 0.9.13
Xine Xine-lib 1.1.14
Xine Xine-lib 1.1.11.1
Xine Xine-lib 1.1.11
Xine Xine-lib 1.1.6
Xine Xine-lib 1.1.5
Xine Xine-lib 1.0.2
Xine Xine-lib 1.0.1
Xine Xine-lib 1.0
Xine Xine-lib 1 Beta11
Xine Xine-lib 1 Beta10
Xine Xine-lib 1 Beta3
Xine Xine-lib 1 Beta2
Xine Xine-lib 1 Beta1
Xine Xine-lib 1.1.9
383
VMScore
CVE-2008-5233
xine-lib 1.1.12, and other versions prior to 1.1.15, does not check for failure of malloc in circumstances including (1) the mymng_process_header function in demux_mng.c, (2) the open_mod_file function in demux_mod.c, and (3) frame_buffer allocation in the real_parse_audio_specif...
Xine Xine-lib 1.1.10.1
Xine Xine-lib 1.1.10
Xine Xine-lib 1.1.4
Xine Xine-lib 1.1.3
Xine Xine-lib 1.0
Xine Xine-lib 1
Xine Xine-lib 1.1.11.1
Xine Xine-lib 1.1.11
Xine Xine-lib 1.1.6
Xine Xine-lib 1.1.5
Xine Xine-lib 1.0.2
Xine Xine-lib 1.0.1
Xine Xine-lib 1 Beta11
Xine Xine-lib 1 Beta10
Xine Xine-lib 1 Beta3
Xine Xine-lib 1 Beta2
Xine Xine-lib 1.1.13
Xine Xine-lib
Xine Xine-lib 1.1.12
Xine Xine-lib 1.1.8
Xine Xine-lib 1.1.7
Xine Xine-lib 1.0.3a
383
VMScore
CVE-2008-5241
Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and previous versions versions, allows remote malicious users to cause a denial of service (crash) via a crafted media file that results in a small value of moov_atom_size in a compressed MOV (aka CMOV_ATOM).
Xine Xine-lib 1.1.13
Xine Xine-lib 1.1.9.1
Xine Xine-lib 1.1.8
Xine Xine-lib 1.0.3a
Xine Xine-lib 1.1.0
Xine Xine-lib 1
Xine Xine-lib 1 Beta5
Xine Xine-lib 1 Beta4
Xine Xine-lib 1.1.11
Xine Xine-lib 1.1.10.1
Xine Xine-lib 1.1.4
Xine Xine-lib 1.1.3
Xine Xine-lib 1.0
Xine Xine-lib 1 Beta9
Xine Xine-lib 1 Beta8
Xine Xine-lib 1 Beta1
Xine Xine-lib 0.9.13
Xine Xine-lib 1.1.10
Xine Xine-lib 1.1.9
Xine Xine-lib 1.1.2
Xine Xine-lib 1.1.1
Xine Xine-lib 1 Beta7
383
VMScore
CVE-2008-5247
The real_parse_audio_specific_data function in demux_real.c in xine-lib 1.1.12, and other 1.1.15 and previous versions versions, uses an untrusted height (aka codec_data_length) value as a divisor, which allow remote malicious users to cause a denial of service (divide-by-zero er...
Xine Xine-lib 1.1.13
Xine Xine-lib 1.1.12
Xine Xine-lib 1.1.7
Xine Xine-lib 1.1.6
Xine Xine-lib 1.1.10.1
Xine Xine-lib 1.1.10
Xine Xine-lib 1.1.9
Xine Xine-lib 1.1.3
Xine Xine-lib 1.1.2
Xine Xine-lib 1
Xine Xine-lib 1 Beta8
Xine Xine-lib 1 Beta7
Xine Xine-lib 0.9.13
Xine Xine-lib 1.1.14
Xine Xine-lib 1.1.0
Xine Xine-lib 1.0.2
Xine Xine-lib 1 Beta12
Xine Xine-lib 1 Beta11
Xine Xine-lib 1 Beta4
Xine Xine-lib 1 Beta3
Xine Xine-lib 1.1.9.1
Xine Xine-lib 1.1.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »