Page 4 of 32 results (0.013 seconds)

CVSS: 9.3EPSS: 11%CPEs: 40EXPL: 0

Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer. Una vulnerabilidad de índice de matriz en Speex versión 1.1.12 y anteriores, tal y como es usado en libfishsound versión 0.9.0 y anteriores, incluyendo Illiminable DirectShow Filters y Annodex Plugins para Firefox, xine-lib versiones anteriores a 1.1.12, y muchos otros productos, permite a los atacantes remotos ejecutar código arbitrario por medio de una estructura de encabezado que contiene un desplazamiento negativo, que se utiliza para desreferenciar un puntero de función. • http://blog.kfish.org/2008/04/release-libfishsound-091.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://lists.xiph.org/pipermail/speex-dev/2008-April/006636.html http://secunia.com/advisories/29672 http://secunia.com/advisories/29727 http://secunia.com/advisories/29835 http://secunia.com/advisories/29845 http://secunia.com/advisories/29854 http://secunia.com/advisories/29866 http://secunia.com/advisories/29878 http://secunia.com/advisories • CWE-189: Numeric Errors •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1

Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter. Error de índice de array en la función sdpplin_parse de input/libreal/sdpplin.c en xine-lib 1.1.10.1 permite a servidores RTSP remotos ejecutar código de su elección a través de un parámetro streamid SDP grande. • https://www.exploit-db.com/exploits/5498 http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html http://secunia.com/advisories/28694 http://secunia.com/advisories/29392 http://secunia.com/advisories/29472 http://secunia.com/advisories/29503 http://secunia.com/advisories/29578 http://secunia.com/advisories/29601 http://secunia.com/advisories/29740 http://secunia.com/advisories/29766 http:&# • CWE-189: Numeric Errors •

CVSS: 6.8EPSS: 7%CPEs: 1EXPL: 4

Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via (1) a crafted .FLV file, which triggers an overflow in demuxers/demux_flv.c; (2) a crafted .MOV file, which triggers an overflow in demuxers/demux_qt.c; (3) a crafted .RM file, which triggers an overflow in demuxers/demux_real.c; (4) a crafted .MVE file, which triggers an overflow in demuxers/demux_wc3movie.c; (5) a crafted .MKV file, which triggers an overflow in demuxers/ebml.c; or (6) a crafted .CAK file, which triggers an overflow in demuxers/demux_film.c. Múltiples desbordamientos de entero en xine-lib 1.1.11 y anteriores permiten a atacantes remotos disparar desbordamientos de búfer basados en montículo y posiblemente ejecutar código de su elección a través de (1) un archivo .FLV manipulado, que dispara un desbordamiento en demuxers/demux_flv.c; (2) un archivo .MOV manipulado, que dispara un desbordamiento en demuxers/demux_qt.c; (3) un archivo .RM manipulado, que dispara un desbordamiento en demuxers/demux_real.c; (4) un archivo .MVE manipulado, que dispara un desbordamiento en demuxers/demux_wvc3movie.c; (5) un archivo .MKV manipulado, que dispara un desbordamiento en demuxers/ebml.c; o (6) un archivo .CAK manipulado, que dispara un desbordamiento en demuxers/demux_film.c. • https://www.exploit-db.com/exploits/31462 http://aluigi.altervista.org/adv/xinehof-adv.txt http://aluigi.org/poc/xinehof.zip http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://secunia.com/advisories/29484 http://secunia.com/advisories/29600 http://secunia.com/advisories/29622 http://secunia.com/advisories/29740 http://secunia.com/advisories/29756 http://secunia.com/advisories/30337 http://secunia.com/advisories/31372 http://secunia.com/advis • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •

CVSS: 6.8EPSS: 3%CPEs: 2EXPL: 1

Buffer overflow in demuxers/demux_asf.c (aka the ASF demuxer) in the xineplug_dmx_asf.so plugin in xine-lib before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted ASF header. NOTE: this issue leads to a crash when an attack uses the CVE-2006-1664 exploit code, but it is different from CVE-2006-1664. Desbordamiento de búfer en demuxers/demux_asf.c (también conocido como ASF demuxer) en la extensión xineplug_dmx_asf.so de xine-lib before 1.1.10 permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (caída) a través de una cabecera ASF manipulada. NOTA: esta cuestión provoca una caída cuando un atacante utiliza el código del exploit CVE-2006-1664, pero esto es diferente a CVE-2006-1664. • https://www.exploit-db.com/exploits/1641 http://bugs.gentoo.org/show_bug.cgi?id=208100 http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset%3Bnode=fb6d089b520dca199ef16a046da28c50c984c2d2%3Bstyle=gitweb http://secunia.com/advisories/29141 http://secunia.com/advisories/31393 http://security.gentoo.org/glsa/glsa-200802-12.xml http://sourceforge.net/project/shownotes.php?group_id=9655&release_id=571608 http://www.mandriva.com/security/advisories?name=MDVSA-2008:178 http://www.ubuntu.com&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 7%CPEs: 2EXPL: 1

Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. Vulnerabilidad de índice de array en libmpdemux/demux_audio.c de MPlayer 1.0rc2 y SVN antes de r25917, y posiblemente versiones anteriores, como se utilizó en Xine-lib 1.1.10. Podría permitir a atacantes remotos ejecutar código de su elección a través de una etiqueta FLAC manipulada que provoca un desbordamiento de búfer. • http://bugs.gentoo.org/show_bug.cgi?id=209106 http://bugs.xine-project.org/show_bug.cgi?id=38 http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060033.html http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00004.html http://secunia.com/advisories/28779 http://secunia.com/advisories/28801 http://secunia.com/advisories/28918 http://secunia.com/advisories/28955 http://secunia.com/advisories/28956 http://secunia.com/advisories/28989 http://secunia& • CWE-189: Numeric Errors •