Show filters
26 Total Results
Displaying 21-26 of 26
Sort by:
Attacker Value
Unknown

CVE-2008-1686

Disclosure Date: April 08, 2008 (last updated October 04, 2023)
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer.
0
0
Attacker Value
Unknown

CVE-2008-0073

Disclosure Date: March 24, 2008 (last updated October 04, 2023)
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
0
0
Attacker Value
Unknown

CVE-2008-1482

Disclosure Date: March 24, 2008 (last updated October 04, 2023)
Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via (1) a crafted .FLV file, which triggers an overflow in demuxers/demux_flv.c; (2) a crafted .MOV file, which triggers an overflow in demuxers/demux_qt.c; (3) a crafted .RM file, which triggers an overflow in demuxers/demux_real.c; (4) a crafted .MVE file, which triggers an overflow in demuxers/demux_wc3movie.c; (5) a crafted .MKV file, which triggers an overflow in demuxers/ebml.c; or (6) a crafted .CAK file, which triggers an overflow in demuxers/demux_film.c.
0
0
Attacker Value
Unknown

CVE-2008-0486

Disclosure Date: February 05, 2008 (last updated October 04, 2023)
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
0
0
Attacker Value
Unknown

CVE-2006-2802

Disclosure Date: June 03, 2006 (last updated October 04, 2023)
Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.
0
0
Attacker Value
Unknown

CVE-2006-1664

Disclosure Date: April 07, 2006 (last updated February 22, 2025)
Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as distributed in xine-lib 1.1.1 and earlier, allows remote attackers to execute arbitrary code via a crafted MPEG stream.
0
0
View More Topics  < Previous