Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote malicious users to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xine xine 0.9.13 |
||
xine xine 0.9.18 |
||
xine xine 1_beta11 |
||
xine xine 1_beta12 |
||
xine xine 1_beta9 |
||
xine xine 1_rc0 |
||
xine xine 1_rc4 |
||
xine xine 1_rc5 |
||
xine xine 1.0.1 |
||
xine xine 1_alpha |
||
xine xine 1_beta4 |
||
xine xine 1_beta5 |
||
xine xine 1_beta6 |
||
xine xine 1_rc2 |
||
xine xine 1_rc3 |
||
xine xine 1_rc7 |
||
xine xine 1_rc8 |
||
xine xine 1_beta1 |
||
xine xine 1_beta10 |
||
xine xine 1_beta7 |
||
xine xine 1_beta8 |
||
xine xine 1_rc3a |
||
xine xine 1_rc3b |
||
xine xine 0.9.8 |
||
xine xine 1.0 |
||
xine xine 1_beta2 |
||
xine xine 1_beta3 |
||
xine xine 1_rc0a |
||
xine xine 1_rc1 |
||
xine xine 1_rc6 |
||
xine xine 1_rc6a |