Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer prior to 1.0pre4 and (2) xine lib (xine-lib) prior to 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Transport (RDT) packets.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mplayer mplayer 1.0_pre3try2 |
||
xine xine-lib 1_beta1 |
||
xine xine-lib 1_beta6 |
||
xine xine-lib 1_beta7 |
||
xine xine-lib 1_beta2 |
||
xine xine-lib 1_beta3 |
||
xine xine-lib 1_rc2 |
||
xine xine-lib 1_rc3a |
||
xine xine-lib 1_beta4 |
||
xine xine-lib 1_beta5 |
||
xine xine-lib 1_rc3b |
||
xine xine-lib 1_rc3c |
||
xine xine-lib 1_beta10 |
||
xine xine-lib 1_beta11 |
||
xine xine-lib 1_beta8 |
||
xine xine-lib 1_beta9 |