Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer prior to 1.0pre4 and (2) xine lib (xine-lib) prior to 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Transport (RDT) packets.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xine xine-lib 1 beta7 |
||
xine xine-lib 1 beta9 |
||
xine xine-lib 1 rc3b |
||
xine xine-lib 1 beta4 |
||
xine xine-lib 1 rc3c |
||
xine xine-lib 1 rc2 |
||
xine xine-lib 1 beta2 |
||
xine xine-lib 1 beta5 |
||
xine xine-lib 1 beta11 |
||
mplayer mplayer 1.0 pre3try2 |
||
xine xine-lib 1 beta6 |
||
xine xine-lib 1 rc3a |
||
xine xine-lib 1 beta1 |
||
xine xine-lib 1 beta10 |
||
xine xine-lib 1 beta8 |
||
xine xine-lib 1 beta3 |