Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2005-1195

Published: 02/05/2005 Updated: 11/07/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib prior to 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and previous versions, allow remote malicious servers to execute arbitrary code.

Vulnerable Product Search on Vulmon Subscribe to Product

xine xine-lib 1_beta11

xine xine-lib 1_beta2

xine xine-lib 1_beta9

xine xine-lib 1_rc2

xine xine-lib 1_beta5

xine xine-lib 1_beta6

xine xine-lib 1_rc3c

mplayer mplayer

xine xine-lib 1_beta1

xine xine-lib 1_beta10

xine xine-lib 1_beta7

xine xine-lib 1_beta8

xine xine-lib 1_beta3

xine xine-lib 1_beta4

xine xine-lib 1_rc3a

xine xine-lib 1_rc3b

Vendor Advisories

Ubuntu Security Notice: xine-lib vulnerabilities
Two buffer overflows have been discovered in the MMS and Real RTSP stream handlers of the Xine library By tricking a user to connect to a malicious MMS or RTSP video/audio stream source with an application that uses this library, an attacker could crash the client and possibly even execute arbitrary code with the privileges of the player applicati ...

References

NVD-CWE-Otherhttp://www.mplayerhq.hu/homepage/design7/news.html#vuln10http://www.mplayerhq.hu/homepage/design7/news.html#vuln11http://www.gentoo.org/security/en/glsa/glsa-200504-19.xmlhttp://www.osvdb.org/15711http://www.osvdb.org/15712http://secunia.com/advisories/15014http://seclists.org/lists/bugtraq/2005/Apr/0337.htmlhttp://securitytracker.com/id?1013771http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/librtsp/rtsp.c?r1=1.18&r2=1.19&diff_format=uhttp://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/mms.c?r1=1.55&r2=1.56&diff_format=uhttp://www.securityfocus.com/bid/13271http://www.securityfocus.com/archive/1/396703https://exchange.xforce.ibmcloud.com/vulnerabilities/20175https://exchange.xforce.ibmcloud.com/vulnerabilities/20171https://usn.ubuntu.com/123-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673CVE-2024-36674CVE-2024-27348unspecifiedCVE-2024-24919CVE-2024-4870malicious code‎CVE-2024-2019hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook