Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xine-lib vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv2
CVE-2004-1476
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows malicious users to execute arbitrary code via a VideoCD with an unterminated disk label.
Xine Xine 0.9.18
Xine Xine 1 Rc2
Xine Xine-lib 0.99
Xine Xine-lib 1 Rc2
Xine Xine-lib 1 Rc3
Xine Xine 1 Rc5
Xine Xine-lib 1 Rc4
Xine Xine-lib 1 Rc5
Xine Xine 1 Rc3
Xine Xine 1 Rc4
Suse Suse Linux 8.2
Suse Suse Linux 9.0
Suse Suse Linux 9.2
Suse Suse Linux 8.0
Suse Suse Linux 8.1
Suse Suse Linux 9.1
6.8
CVSSv2
CVE-2008-1482
Multiple integer overflows in xine-lib 1.1.11 and previous versions allow remote malicious users to trigger heap-based buffer overflows and possibly execute arbitrary code via (1) a crafted .FLV file, which triggers an overflow in demuxers/demux_flv.c; (2) a crafted .MOV file, wh...
Xine Xine-lib 1.1.11
1 EDB exploit
10
CVSSv2
CVE-2004-1300
Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (libxine) 1-rc7 allows remote malicious users to execute arbitrary code via a crafted AIFF file.
Xine Xine-lib 1 Rc7
1 EDB exploit
6.8
CVSSv2
CVE-2008-0073
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
Xine Xine-lib 1.1.10.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-0698
Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385.
Xine Xine-lib 1.1.16.1
6.8
CVSSv2
CVE-2008-1110
Buffer overflow in demuxers/demux_asf.c (aka the ASF demuxer) in the xineplug_dmx_asf.so plugin in xine-lib prior to 1.1.10 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a crafted ASF header. NOTE: this issue leads to a crash whe...
Xine Xine-plugin
Xine Xine-lib
1 EDB exploit
7.5
CVSSv2
CVE-2008-0486
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote malicious users to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
Mplayer Mplayer 1.02rc2
Xine Xine-lib 1.1.10
5.1
CVSSv2
CVE-2006-2200
Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and (b) xine-lib 1.1.0 and previous versions, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_d...
Xine Xine-lib 1.1.0
Mimms Mimms 0.0.9
5
CVSSv2
CVE-2004-1951
xine 1.x alpha, 1.x beta, and 1.0rc up to and including 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote malicious users to overwrite arbitrary files via the (1) audio.sun_audio_device or (2) dxr3.devicename options in an MRL link.
Xine Xine-lib 1 Rc3a
Xine Xine-lib 1 Rc3b
Xine Xine 1 Beta10
Xine Xine 1 Beta11
Xine Xine 1 Beta7
Xine Xine 1 Beta8
Xine Xine 1 Rc3b
Xine Xine-lib 1 Rc2
Xine Xine 0.9.13
Xine Xine 0.9.8
Xine Xine 1 Beta1
Xine Xine 1 Beta5
Xine Xine 1 Beta6
Xine Xine 1 Rc3
Xine Xine 1 Rc3a
Xine Xine-lib 1 Rc3c
Xine Xine-ui 0.9.21
Xine Xine 1 Beta12
Xine Xine 1 Beta2
Xine Xine 1 Beta9
Xine Xine 1 Rc0a
Xine Xine-ui 0.9.22
1 EDB exploit
7.1
CVSSv2
CVE-2008-5238
Integer overflow in the real_parse_mdpr function in demux_real.c in xine-lib 1.1.12, and other versions prior to 1.1.15, allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted stream_name_size field.
Xine Xine 1.0.1
Xine Xine 1.0
Xine Xine 1
Xine Xine 1.1.1
Xine Xine 1.1.0
Xine Xine 1.1.11.1
Xine Xine 1.1.10.1
Xine Xine 1.1.3
Xine Xine 1.1.2
Xine Xine 0.9.13
Xine Xine 1.1.11
Xine Xine 1.0.3a
Xine Xine 1.0.2
Xine Xine
Xine Xine 1.1.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »