CVE-2008-0238
https://notcve.org/view.php?id=CVE-2008-0238
Multiple heap-based buffer overflows in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP (1) Title, (2) Author, or (3) Copyright attribute, related to the rmff_dump_header function, different vectors than CVE-2008-0225. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples desbordamientos de la pila dinámica (heap) en la función rmff_dump_cont contenida en el fichero input/libreal/rmff.c de xine-lib 1.1.9, permite que atacantes remotos ejecuten código arbitrario a través del SDP (1) Title, (2) Author, o (3) el atributo Copyright, relacionado con la función rmff_dump_header, vectores diferentes a la CVE-2008-0225. NOTA: se desconoce la procedencia de esta información; los detalles se han obtenido sólamente de terceros. • http://bugs.gentoo.org/show_bug.cgi?id=205197 http://secunia.com/advisories/28384 http://secunia.com/advisories/28674 http://secunia.com/advisories/28955 http://secunia.com/advisories/31393 http://security.gentoo.org/glsa/glsa-200801-12.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:020 http://www.mandriva.com/security/advisories?name=MDVSA-2008:045 http://www.ubuntu.com/usn/usn-635-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-0225 – Xine-Lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-0225
Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmff_dump_header function and related to disregarding the max field. NOTE: some of these details are obtained from third party information. Un desbordamiento del búfer en la región heap de la memoria en la función rmff_dump_cont en la biblioteca input/libreal/rmff.c en xine-lib versión 1.1.9 y anteriores, permite a atacantes remotos ejecutar código arbitrario por medio del atributo SDP Abstract en una sesión RTSP, relacionada a la función rmff_dump_header y relacionada con la omisión del campo max. NOTA: algunos de estos detalles son obtenidos de información de terceros. • https://www.exploit-db.com/exploits/31002 http://aluigi.altervista.org/adv/xinermffhof-adv.txt http://bugs.gentoo.org/show_bug.cgi?id=205197 http://secunia.com/advisories/28384 http://secunia.com/advisories/28489 http://secunia.com/advisories/28507 http://secunia.com/advisories/28636 http://secunia.com/advisories/28674 http://secunia.com/advisories/28955 http://secunia.com/advisories/31393 http://security.gentoo.org/glsa/glsa-200801-12.xml http://sourceforge.net/project • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-0255
https://notcve.org/view.php?id=CVE-2007-0255
XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017. XINE 0.99.4 permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código de su elección mediante ciertos ficheros M3U que contienen una linea #EXTINF larga y contiene especificadores de formato en un URI udp:// inválido, posiblemente una variante de CVE-2007-0017. • http://osvdb.org/31666 http://secunia.com/advisories/23931 http://www.mandriva.com/security/advisories?name=MDKSA-2007:027 http://www.mandriva.com/security/advisories?name=MDKSA-2007:154 http://www.securityfocus.com/archive/1/456523/100/0/threaded http://www.securityfocus.com/bid/22252 •
CVE-2007-0254
https://notcve.org/view.php?id=CVE-2007-0254
Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors. Vulnerabilidad de cadena de formato en la función errors_create_window en errors.c de xine-ui permite a atacantes remotos ejecutar código de su elección mediante vectores no especificados. • http://osvdb.org/31594 http://secunia.com/advisories/23709 http://secunia.com/advisories/23891 http://secunia.com/advisories/23931 http://security.gentoo.org/glsa/glsa-200701-18.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:027 http://www.mandriva.com/security/advisories?name=MDKSA-2007:154 http://www.securityfocus.com/archive/1/456590/100/0/threaded http://www.securityfocus.com/bid/22002 https://exchange.xforce.ibmcloud.com/vulnerabilities/31505 •
CVE-2006-6172
https://notcve.org/view.php?id=CVE-2006-6172
Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. Desbordamiento de búfer en la función asmrp_eval para el extensión de entrada a Real Media permite a atacantes remotos provocar una denegación de servicio y la posibilidad de ejecutar código de su elección mediante un libro de reglas con un gran número de coincidencias con estas reglas. • http://secunia.com/advisories/23218 http://secunia.com/advisories/23242 http://secunia.com/advisories/23249 http://secunia.com/advisories/23301 http://secunia.com/advisories/23335 http://secunia.com/advisories/23512 http://secunia.com/advisories/23567 http://secunia.com/advisories/24336 http://secunia.com/advisories/24339 http://secunia.com/advisories/25555 http://security.gentoo.org/glsa/glsa-200612-02.xml http://security.gentoo.org/glsa/glsa-200702-11.xml http://s •