Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2008-1161

Published: 10/03/2008 Updated: 07/11/2023
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Matroska

Vulnerability Summary

Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib prior to 1.1.10.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.

Vulnerable Product Search on Vulmon Subscribe to Product

matroska demuxer

Vendor Advisories

Ubuntu Security Notice: xine-lib vulnerabilities
Alin Rad Pop discovered an array index vulnerability in the SDP parser If a user or automated system were tricked into opening a malicious RTSP stream, a remote attacker may be able to execute arbitrary code with the privileges of the user invoking the program (CVE-2008-0073) ...
Debian Security Advisories: DSA-1536-1 libxine -- several vulnerabilities
Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1246 / CVE-2007-1387 The DMO_VideoDecoder_Open ...

References

CWE-119http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.htmlhttp://secunia.com/advisories/29323http://www.debian.org/security/2008/dsa-1536http://www.securityfocus.com/bid/28543http://secunia.com/advisories/29601http://www.ubuntu.com/usn/usn-635-1http://www.mandriva.com/security/advisories?name=MDVSA-2008:178http://secunia.com/advisories/31393https://exchange.xforce.ibmcloud.com/vulnerabilities/41172http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset%3Bnode=a62d6f482a69%3Bstyle=gitwebhttps://usn.ubuntu.com/635-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook