CVE-2008-1878

Published: 17/04/2008 Updated: 29/09/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title.

Vulnerable Product

xine xine-lib 1.1.9

xine xine-lib

xine xine-lib 1.1.0

xine xine-lib 1.1.1

xine xine-lib 1.1.10

xine xine-lib 1.1.10.1

xine xine-lib 1.1.11

xine xine-lib 1.1.11.1

Vendor Advisories

Alin Rad Pop discovered an array index vulnerability in the SDP parser. If a user or automated system were tricked into opening a malicious RTSP stream, a remote attacker may be able to execute arbitrary code with the privileges of the user invoking the program (CVE-2008-0073) ...
Debian Bug report logs - #475152 libfishsound: CVE-2008-1686 code execution via crafted header containing negative offsets. Package: libfishsound1; Maintainer for libfishsound1 is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Source for libfishsound1 is src:libfishsound. Reported by: ...
Debian Bug report logs - #473057 vlc: CVE-2008-0073 code execution via crafted rtsp stream. Package: vlc; Maintainer for vlc is Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>; Source for vlc is src:vlc. Reported by: Nico Golde <nion@debian.org> Date: Fri, 28 Mar 2008 01:18:01 U ...
Multiple vulnerabilities have been discovered in xine-lib, a library which supplies most of the application functionality of the xine multimedia player. The Common Vulnerabilities and Exposures project identifies the following three problems: CVE-2008-1482 Integer overflow vulnerabilities exist in xine's FLV, QuickTime, RealMedia, MVE and ...

Exploits

xine-lib <= 1.1.12 is prone to a stack-based buffer overflow in the NES Sound Format demuxer (demux_nsf.c).

Code:

open_nsf_file():
109: this->title = strdup(&header[0x0E]);

demux_nsf_send_chunk():
122: char title[100];
162: sprintf(title, "%s, song %d/%d", this->title, this->current_song, this->total_songs);
...
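
Added example (not part of the advisory, and not the xine-lib source or its actual patch): a bounded version of the two operations quoted above, copying the title out of the header with a length limit and formatting it with snprintf() instead of sprintf(). The function names, the 128-byte header size and the 32-byte title field width are assumptions made for this sketch.

```c
#include <stdio.h>
#include <string.h>

#define NSF_HEADER_SIZE 0x80 /* assumption: size of the NSF header */
#define NSF_TITLE_OFF   0x0E /* title offset, as used in the quoted code */
#define NSF_TITLE_LEN   32   /* assumption: fixed-width title field */

/* Copy the title field into dst without trusting the file to contain a NUL.
 * Stops at the field width, at dst capacity, or at the first NUL byte.
 * Always NUL-terminates; returns the number of characters copied. */
size_t nsf_copy_title(const unsigned char *header, char *dst, size_t dst_size)
{
    size_t n = 0;
    if (dst_size == 0)
        return 0;
    while (n < NSF_TITLE_LEN && n < dst_size - 1 &&
           header[NSF_TITLE_OFF + n] != '\0') {
        dst[n] = (char)header[NSF_TITLE_OFF + n];
        n++;
    }
    dst[n] = '\0';
    return n;
}

/* Bounded replacement for sprintf(title, "%s, song %d/%d", ...).
 * Returns 0 if the text fit, 1 if it was truncated, -1 on encoding error. */
int nsf_format_title(char *out, size_t out_size,
                     const char *title, int cur, int total)
{
    int need = snprintf(out, out_size, "%s, song %d/%d", title, cur, total);
    if (need < 0)
        return -1;
    return (size_t)need >= out_size ? 1 : 0;
}

int main(void)
{
    unsigned char header[NSF_HEADER_SIZE];
    char title[NSF_TITLE_LEN + 1], line[100];

    /* Constructed input: a header whose title field has no NUL terminator. */
    memset(header, 'A', sizeof header);
    nsf_copy_title(header, title, sizeof title);
    int rc = nsf_format_title(line, sizeof line, title, 1, 8);
    printf("rc=%d len=%zu \"%s\"\n", rc, strlen(line), line);
    return 0;
}
```

With the title capped at the field width, the formatted string always fits the 100-byte buffer; the snprintf() return check still reports truncation if a longer string reaches the formatter by another path.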