Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and previous versions allows remote malicious users to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xine xine-lib 1.1.11 |
||
xine xine-lib 1.1.11.1 |
||
xine xine-lib 1.1.10 |
||
xine xine-lib 1.1.14 |
||
xine xine-lib 1.1.13 |
||
xine xine-lib 1.1.16.1 |
||
xine xine-lib 1.1.16.2 |
||
xine xine-lib 1.1.15 |
||
xine xine-lib 1.1.12 |
||
xine xine-lib 1.1.1 |
||
xine xine-lib 1.1.10.1 |
||
xine xine-lib 1.1.0 |