CVE-2009-1274
https://notcve.org/view.php?id=CVE-2009-1274
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. Desbordamiento de entero en la función qt_error parse_trak_atom en demuxers/demux_qt.c en xine-lib v1.1.16.2 y anteriores permite a atacantes remotos ejecutar código de su elección a través de un fichero de vídeo Quicktime, con un valor largo de contador en un elemento STTS, lo que provoca un desbordamiento de búfer basado en montículo. • http://bugs.xine-project.org/show_bug.cgi?id=224 http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://osvdb.org/53288 http://secunia.com/advisories/34593 http://secunia.com/advisories/34712 http://secunia.com/advisories/35416 http://sourceforge.net/project/shownotes.php?group_id=9655&release_id=673233 http://www.mandriva.com/security/advisories?name=MDVSA-2009:298 http://www.mandriva.com/security/advisories?name=MDVSA-2009:299 http://www.securityfocus • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-0698
https://notcve.org/view.php?id=CVE-2009-0698
Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385. Un desbordamiento de entero en el demuxer 4xm (demuxers/demux_4xm.c) en xine-lib 1.1.16.1 permite a atacantes remotos provocar una denegación de servicio (con caída de la aplicación) y posiblemente ejecutar código arbitrario a través de un archivo de película 4X con un gran valor current_track. Se trata de un problema similar al de CVE-2009-0385. • http://bugs.xine-project.org/show_bug.cgi?id=205 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://sourceforge.net/project/shownotes.php?release_id=660071 http://www.mandriva.com/security/advisories?name=MDVSA-2009:298 http://www.mandriva.com/security/advisories?name=MDVSA-2009:299 http://www.securityfocus.com/archive/1/500514/100/0/threaded http://www.trapkit.de/advisories/TKADV2009-004.txt http://www.ubuntu.com/usn/USN-746-1 https://exchange • CWE-189: Numeric Errors •
CVE-2008-5244
https://notcve.org/view.php?id=CVE-2008-5244
Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact and attack vectors related to libfaad. NOTE: due to the lack of details, it is not clear whether this is an issue in xine-lib or in libfaad. Vulnerabilidad no especificada en xine-lib anterior a v1.1.15, tiene un impacto desconocido y vectores de ataque relacionados con libfaad. NOTA: Debido a la falta de detalles, no está claro si es una vulnerabilidad que afecta a xine-lib o a libfaad. • http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://securitytracker.com/id?1020703 http://sourceforge.net/project/shownotes.php?release_id=619869 •
CVE-2008-5240
https://notcve.org/view.php?id=CVE-2008-5240
xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for (1) the MATROSKA_ID_TR_CODECPRIVATE track entry element processed by demux_matroska.c; and (2) PROP_TAG, (3) MDPR_TAG, and (4) CONT_TAG chunks processed by the real_parse_headers function in demux_real.c; which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) or possibly execute arbitrary code via a crafted value. xine-lib 1.1.12, y otras versiones anteriores a 1.1.15, se basa en un valor de entrada no confiable para determinar la localización de memoria y no comprobar el resultado para (1) el elemento pista de entrada MATROSKA_ID_TR_CODECPRIVATE procesado por demux_matroska.c; y (2) PROP_TAG, (3) MDPR_TAG, y (4) CONT_TAG trozos procesados por la función real_parse_headers en demux_real.c; el cual permite a los atacantes remotos causar una denegación de servicios (putero nulo no referenciado y caída) o posiblemente ejecuta código arbitrario a través de un valor manipulado. • http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://secunia.com/advisories/31827 http://secunia.com/advisories/33544 http://securityreason.com/securityalert/4648 http://www.mandriva.com/security/advisories?name=MDVSA-2009:020 http://www.ocert.org/analysis/2008-008/analysis.txt http://www.osvdb.org/47742 http://www.securityfocus.com/archive/1/495674/100/0/threaded http://www.securityfocus.com/bid/30797 https://exchange.xforce.ibmcloud.com/vulnerabilities/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-5241
https://notcve.org/view.php?id=CVE-2008-5241
Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows remote attackers to cause a denial of service (crash) via a crafted media file that results in a small value of moov_atom_size in a compressed MOV (aka CMOV_ATOM). Desbordamiento inferior de búfer en demux_qt.c en xine-lib 1.1.12, y otras 1.1.15 y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (caída) mediante un archivo media manipulado que resulta en un valor pequeño de moov_atom_size en un MOV comprimido (también conocido como CMOV_ATOM). • http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://secunia.com/advisories/31827 http://securityreason.com/securityalert/4648 http://www.mandriva.com/security/advisories?name=MDVSA-2009:020 http://www.ocert.org/analysis/2008-008/analysis.txt http://www.securityfocus.com/archive/1/495674/100/0/threaded http://www.securityfocus.com/bid/30797 https://exchange.xforce.ibmcloud.com/vulnerabilities/44656 https://www.redhat.com/archives/fedora-package-announce/2008-Septe • CWE-189: Numeric Errors •