2008-11-26 02:30:00 2018-10-11 22:54:32

Integer overflow in the real_parse_mdpr function in demux_real.c in xine-lib 1.1.12, and other versions before 1.1.15, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted stream_name_size field.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE
Xine Xine 1.1.3 (not an official CPE) Xine Xine 1.1.2 (not an official CPE) Xine Xine 1.1.1 (not an official CPE) Xine Xine 1.1.0 (not an official CPE) Xine Xine 1.0.3a (not an official CPE) Xine Xine 1.0.2 (not an official CPE) Xine Xine 1.0.1 (not an official CPE) Xine Xine 1.0 (not an official CPE) Xine Xine 1 Rc8 (not an official CPE) Xine Xine 1 Rc7 (not an official CPE) Xine Xine 1 Rc6a (not an official CPE) Xine Xine 1 Rc5 (not an official CPE) Xine Xine 1 Rc4a (not an official CPE) Xine Xine 1 Rc4 (not an official CPE) Xine Xine 1 Rc3c (not an official CPE) Xine Xine 1 Rc3b (not an official CPE) Xine Xine 1 Rc3a (not an official CPE) Xine Xine 1 Rc3 (not an official CPE) Xine Xine 1 Rc2 (not an official CPE) Xine Xine 1 Rc1 (not an official CPE) Xine Xine 1 Rc0a (not an official CPE) Xine Xine 1 Beta9 (not an official CPE) Xine Xine 1 Beta8 (not an official CPE) Xine Xine 1 Beta7 (not an official CPE) Xine Xine 1 Beta6 (not an official CPE) Xine Xine 1 Beta5 (not an official CPE) Xine Xine 1 Beta4 (not an official CPE) Xine Xine 1 Beta3 (not an official CPE) Xine Xine 1 Beta2 (not an official CPE) Xine Xine 1 Beta12 (not an official CPE) Xine Xine 1 Beta11 (not an official CPE) Xine Xine 1 Beta10 (not an official CPE) Xine Xine 1 Beta1 (not an official CPE) Xine Xine 0.9.13 (not an official CPE) Xine Xine 1.1.4 (not an official CPE) Xine Xine 1.1.10.1 (not an official CPE) Xine Xine 1.1.11 (not an official CPE) Xine Xine 1.1.11.1 (not an official CPE) Xine Xine 1.1.14 (not an official CPE)