Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 up to and including 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xine xine-lib 1.0 |
||
xine xine-lib 1.0.1 |
||
xine xine-lib 0.9.13 |
||
xine xine-lib 1.0.2 |
||
xine xine-lib 1.1.0 |