CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 2CVE-2004-1300 – Xine-Lib 0.9/1 - Remote Client-Side Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1300
Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (libxine) 1-rc7 allows remote attackers to execute arbitrary code via a crafted AIFF file. • https://www.exploit-db.com/exploits/24978 http://tigger.uic.edu/~jlongs2/holes/xine-lib.txt http://www.mandriva.com/security/advisories?name=MDKSA-2005:011 https://exchange.xforce.ibmcloud.com/vulnerabilities/18611 •
CVSS: 2.1EPSS: 0%CPEs: 19EXPL: 0CVE-2004-0372
https://notcve.org/view.php?id=CVE-2004-0372
xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts. xine permite a usuarios locales sobreecribir ficheros arbitrarios mediante un ataque de enlaces simbólicos (symlink attack) aprovechando un correo electrónico de informe de errores que es generado por los scripts xine-bugreport o xine-check. • http://marc.info/?l=bugtraq&m=107997911025558&w=2 http://security.gentoo.org/glsa/glsa-200404-20.xml http://www.debian.org/security/2004/dsa-477 http://www.securityfocus.com/bid/9939 https://exchange.xforce.ibmcloud.com/vulnerabilities/15564 •