NotCVE - vendor:"Xine" product:"Xine" version:"1

Page 4 of 27 results (0.007 seconds)

CVSS: 4.3EPSS: 0%CPEs: 49EXPL: 0

CVE-2008-5248

https://notcve.org/view.php?id=CVE-2008-5248

xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via "MP3 files with metadata consisting only of separators." xine-lib anterior a 1.1.15 permite a atacantes remotos causar una denegación de servicio(caída)a través de "archivos MP3 con metadatos que consisten únicamente de separadores." • http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://sourceforge.net/project/shownotes.php?release_id=619869 http://www.mandriva.com/security/advisories?name=MDVSA-2009:298 http://www.securityfocus.com/bid/32505 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 33%CPEs: 31EXPL: 2

CVE-2006-1905 – Xine 0.9/1.0 - Playlist Handling Remote Format String

https://notcve.org/view.php?id=CVE-2006-1905

Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file. • https://www.exploit-db.com/exploits/27670 http://open-security.org/advisories/16 http://secunia.com/advisories/19671 http://secunia.com/advisories/19854 http://secunia.com/advisories/20066 http://securitytracker.com/id?1015959 http://sourceforge.net/mailarchive/message.php?msg_id=15429845 http://www.gentoo.org/security/en/glsa/glsa-200604-15.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:085 http://www.novell.com/linux/security/advisories/2006_05_05.html http& •

CVSS: 7.5EPSS: 1%CPEs: 16EXPL: 0

CVE-2005-1195

https://notcve.org/view.php?id=CVE-2005-1195

Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code. • http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/librtsp/rtsp.c?r1=1.18&r2=1.19&diff_format=u http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/mms.c?r1=1.55&r2=1.56&diff_format=u http://seclists.org/lists/bugtraq/2005/Apr/0337.html http://secunia.com/advisories/15014 http://securitytracker.com/id?1013771 http://www.gentoo.org/security/en/glsa/glsa-200504-19.xml http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 http:/&#x •

CVSS: 5.1EPSS: 0%CPEs: 17EXPL: 0

CVE-2004-1476

https://notcve.org/view.php?id=CVE-2004-1476

Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label. • http://www.gentoo.org/security/en/glsa/glsa-200409-30.xml http://www.securityfocus.com/archive/1/375485/2004-09-02/2004-09-08/0 http://www.securityfocus.com/bid/11206 http://xinehq.de/index.php/security/XSA-2004-4 https://exchange.xforce.ibmcloud.com/vulnerabilities/17431 •

CVSS: 5.1EPSS: 0%CPEs: 10EXPL: 1

CVE-2004-1475 – xine 0.99.2 - Remote Stack Overflow

https://notcve.org/view.php?id=CVE-2004-1475

Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines. • https://www.exploit-db.com/exploits/386 http://security.gentoo.org/glsa/glsa-200408-18.xml http://www.gentoo.org/security/en/glsa/glsa-200409-30.xml http://www.securityfocus.com/archive/1/375485/2004-09-02/2004-09-08/0 http://www.securityfocus.com/bid/11206 http://xinehq.de/index.php/security/XSA-2004-4 https://exchange.xforce.ibmcloud.com/vulnerabilities/17430 https://exchange.xforce.ibmcloud.com/vulnerabilities/17432 •

1 2 3 4 5