Published: 26/11/2008 Updated: 08/03/2011

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in the demux_real_send_chunk function in src/demuxers/demux_real.c in xine-lib prior to 1.1.15 allows remote malicious users to execute arbitrary code via a crafted Real Media file. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xine xine 1.1.2
xine xine 1.1.1
xine xine 1.1.0
xine xine 1
xine xine 1.1.3
xine xine 0.9.13
xine xine 1.1.11
xine xine 1.0.3a
xine xine 1.0.2
xine xine
xine xine 1.1.11.1
xine xine 1.1.10.1
xine xine 1.0.1
xine xine 1.0

Debian Bug report logs - #498243 xine-lib: multiple heap overflows Package: xine-lib; Maintainer for xine-lib is (unknown); Reported by: Steffen Joeris <steffenjoeris@skolelinuxde> Date: Mon, 8 Sep 2008 12:27:02 UTC Severity: grave Tags: help, security, upstream Done: Nico Golde <nion@debianorg> Bug is archive ...

CWE-119 http://sourceforge.net/project/shownotes.php?release_id=619869 http://securitytracker.com/id?1020703 http://secunia.com/advisories/31502 http://www.securityfocus.com/bid/30698 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://www.vupen.com/english/advisories/2008/2382 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498243 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-5235

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect