Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

xine xine 1 rc2 vulnerabilities and exploits

(subscribe to this query)
NA

CVE-2004-1475

Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow malicious users to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines.
Xine Xine 0.9.18Xine Xine-lib 1 Rc3Xine Xine 1 Rc4Xine Xine-lib 1 Rc5Xine Xine 1 Rc2Xine Xine-lib 1 Rc2Xine Xine 1 Rc5Xine Xine-lib 0.99Xine Xine 1 Rc3Xine Xine-lib 1 Rc4
NA

CVE-2004-1951

xine 1.x alpha, 1.x beta, and 1.0rc up to and including 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote malicious users to overwrite arbitrary files via the (1) audio.sun_audio_device or (2) dxr3.devicename options in an MRL link.
Xine Xine 1 Beta9Xine Xine 1 Beta3Xine Xine 1 Rc0aXine Xine-lib 1 Rc3bXine Xine 1 Beta4Xine Xine 1 Rc3bXine Xine 1 Beta2Xine Xine 0.9.8Xine Xine 1 Rc3aXine Xine-ui 0.9.21Xine Xine 1 Rc2Xine Xine-lib 1 Rc3cXine Xine 1 Beta10Xine Xine 1 Beta12Xine Xine-ui 0.9.23Xine Xine 1 Beta11Xine Xine 1 Beta7Xine Xine 1 Beta8Xine Xine 0.9.13Xine Xine 1 Rc1Xine Xine-lib 1 Rc2Xine Xine 1 Beta6
NA

CVE-2004-1476

Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows malicious users to execute arbitrary code via a VideoCD with an unterminated disk label.
Xine Xine 0.9.18Xine Xine-lib 1 Rc3Xine Xine 1 Rc4Xine Xine-lib 1 Rc5Xine Xine 1 Rc2Xine Xine-lib 1 Rc2Xine Xine 1 Rc5Xine Xine-lib 0.99Xine Xine 1 Rc3Xine Xine-lib 1 Rc4Suse Suse Linux 9.0Suse Suse Linux 8.0Suse Suse Linux 9.2Suse Suse Linux 9.1Suse Suse Linux 8.2Suse Suse Linux 8.1
NA

CVE-2004-0372

xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.
Xine Xine 1 Beta9Xine Xine 1 Beta3Xine Xine 1 Rc0aXine Xine 1 Beta4Xine Xine 1 Rc3bXine Xine 1 Beta2Xine Xine 1 Rc3aXine Xine 1 Rc2Xine Xine 1 Beta10Xine Xine 1 Beta12Xine Xine 1 Beta11Xine Xine 1 Beta7Xine Xine 1 Beta8Xine Xine 0.9.13Xine Xine 1 Rc1Xine Xine 1 Beta6Xine Xine 1 Beta1Xine Xine 1 Rc3Xine Xine 1 Beta5
NA

CVE-2004-1379

Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and previous versions allows remote malicious users to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the second field reuses RLE data from the end of the first field.
Xine Xine 1 Beta9Xine Xine 1 Beta3Xine Xine 1 Rc0aXine Xine-lib 1 Beta7Xine Xine-lib 1 Rc3Xine Xine 1 Rc4Xine Xine-lib 1 Beta9Xine Xine 1 AlphaXine Xine-lib 1 Rc3bXine Xine 1 Beta4Xine Xine-lib 0.9.8Xine Xine-lib 1 Beta4Xine Xine-lib 1 Rc5Xine Xine 1 Rc3bXine Xine 1 Beta2Xine Xine 1 Rc3aXine Xine 1 Rc2Xine Xine-lib 1 Rc3cXine Xine 1 Beta10Xine Xine 1 Beta12Xine Xine 1 Beta11Xine Xine 1 Beta7
NA

CVE-2006-1905

Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote malicious users to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file.
Xine Xine 1 Rc6aXine Xine 1.0.1Xine Xine 1 Beta9Xine Xine 0.9.18Xine Xine 1 Beta3Xine Xine 1 Rc0aXine Xine 1 Rc7Xine Xine 1 Rc4Xine Xine 1 AlphaXine Xine 1 Beta4Xine Xine 1 Rc3bXine Xine 1 Beta2Xine Xine 0.9.8Xine Xine 1 Rc3aXine Xine 1 Rc2Xine Xine 1 Rc8Xine Xine 1.0Xine Xine 1 Beta10Xine Xine 1 Beta12Xine Xine 1 Beta11Xine Xine 1 Beta7Xine Xine 1 Beta8
NA

CVE-2004-0433

Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer prior to 1.0pre4 and (2) xine lib (xine-lib) prior to 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote malicious users to cause a denial of service (crash) and possibly execu...
Xine Xine-lib 1 Beta7Xine Xine-lib 1 Beta9Xine Xine-lib 1 Rc3bXine Xine-lib 1 Beta4Xine Xine-lib 1 Rc3cXine Xine-lib 1 Rc2Xine Xine-lib 1 Beta2Xine Xine-lib 1 Beta5Xine Xine-lib 1 Beta11Mplayer Mplayer 1.0 Pre3try2Xine Xine-lib 1 Beta6Xine Xine-lib 1 Rc3aXine Xine-lib 1 Beta1Xine Xine-lib 1 Beta10Xine Xine-lib 1 Beta8Xine Xine-lib 1 Beta3
NA

CVE-2005-1195

Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib prior to 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and previous versions, allow remote malicious servers to execute ar...
Mplayer MplayerXine Xine-lib 1 Beta7Xine Xine-lib 1 Beta9Xine Xine-lib 1 Rc3bXine Xine-lib 1 Beta4Xine Xine-lib 1 Rc3cXine Xine-lib 1 Rc2Xine Xine-lib 1 Beta2Xine Xine-lib 1 Beta5Xine Xine-lib 1 Beta11Xine Xine-lib 1 Beta6Xine Xine-lib 1 Rc3aXine Xine-lib 1 Beta1Xine Xine-lib 1 Beta10Xine Xine-lib 1 Beta8Xine Xine-lib 1 Beta3
NA

CVE-2004-1455

Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and previous versions allows remote malicious users to execute arbitrary code via crafted playlists that result in a long vcd:// URL.
Xine Xine-lib 1 Beta7Xine Xine-lib 1 Beta9Xine Xine-lib 1 Rc3bXine Xine-lib 1 Beta4Xine Xine-lib 1 Rc5Xine Xine-lib 1 Rc5 R2Xine Xine-lib 1 Rc3cXine Xine-lib 1 Rc2Xine Xine-lib 1 Beta2Xine Xine-lib 1 Beta5Xine Xine-lib 1 Beta11Xine Xine-lib 1 Beta6Xine Xine-lib 1 Rc3aXine Xine-lib 1 Beta1Xine Xine-lib 1 Rc4Xine Xine-lib 1 Beta10Xine Xine-lib 1 Beta8Xine Xine-lib 1 Beta3
NA

CVE-2004-1187

Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote malicious users to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.
Xine Xine 1 Rc6aXine Xine 1 Beta9Mplayer Mplayer 0.92Xine Xine 0.9.18Xine Xine 1 Beta3Xine Xine 1 Rc0aXine Xine-lib 1 Beta7Mplayer Mplayer 1.0 Pre2Mplayer Mplayer 0.90Xine Xine 1 Rc7Mplayer Mplayer 1.0 Pre1Mplayer Mplayer 0.90 RcXine Xine-lib 1 Rc3Xine Xine 1 Rc4Xine Xine-lib 1 Beta9Mplayer Mplayer 1.0 Pre5try2Xine Xine 1 AlphaXine Xine-lib 1 Rc3bXine Xine-lib 1 AlphaXine Xine 1 Beta4Mplayer Mplayer Head CvsMplayer Mplayer 0.92.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103CVE-2024-36279CVE-2024-38457elevation of privilegeCVE-2024-27801CVE-2024-30103NULL pointer dereferenceCVE-2024-6057XML injection
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook