what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2008-5234

Status Candidate

Overview

Multiple heap-based buffer overflows in xine-lib 1.1.12, and other versions before 1.1.15, allow remote attackers to execute arbitrary code via vectors related to (1) a crafted metadata atom size processed by the parse_moov_atom function in demux_qt.c and (2) frame reading in the id3v23_interp_frame function in id3.c. NOTE: as of 20081122, it is possible that vector 1 has not been fixed in 1.1.15.

Related Files

Gentoo Linux Security Advisory 201006-4
Posted Jun 2, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201006-4 - Multiple vulnerabilities in xine-lib might result in the remote execution of arbitrary code. Multiple vulnerabilities have been reported in xine-lib. Versions less than 1.1.16.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-3231, CVE-2008-5233, CVE-2008-5234, CVE-2008-5235, CVE-2008-5236, CVE-2008-5237, CVE-2008-5238, CVE-2008-5239, CVE-2008-5240, CVE-2008-5241, CVE-2008-5242, CVE-2008-5243, CVE-2008-5244, CVE-2008-5245, CVE-2008-5246, CVE-2008-5247, CVE-2008-5248, CVE-2009-0698
SHA-256 | 3d573a1bf8635f59a558d880f1824403c79842bfc90c6d34a2e2239ac6a931c0
Mandriva Linux Security Advisory 2009-319
Posted Dec 7, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-319 - Failure on Ogg files manipulation can lead remote attackers to cause a denial of service by using crafted files. Failure on manipulation of either MNG or Real or MOD files can lead remote attackers to cause a denial of service by using crafted files. Heap-based overflow allows remote attackers to execute arbitrary code by using Quicktime media files holding crafted metadata. Heap-based overflow allows remote attackers to execute arbitrary code by using either crafted Matroska or Real media files. Failure on manipulation of either MNG or Quicktime files can lead remote attackers to cause a denial of service by using crafted files. Multiple heap-based overflow on input plugins (http, net, smb, dvd, dvb, rtsp, rtp, pvr, pnm, file, gnome_vfs, mms) allow attackers to execute arbitrary code by handling that input channels. Various other issues have also been addressed. Packages for 2008.0 are being provided due to extended support for Corporate products. This update fixes these issues.

tags | advisory, remote, web, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2008-3231, CVE-2008-5233, CVE-2008-5234, CVE-2008-5236, CVE-2008-5237, CVE-2008-5239, CVE-2008-5240, CVE-2008-5241, CVE-2008-5243, CVE-2008-5245, CVE-2008-5246, CVE-2009-0698, CVE-2009-1274
SHA-256 | 3bf2a8635466988153d8e0e8ed108b20e7b74db866a856fe2b1fa702ad27df2c
Ubuntu Security Notice 710-1
Posted Jan 26, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-710-1 - A large amount of xine-lib vulnerabilities have been addressed in a package update. The issues addressed range from denial of service to arbitrary code execution vulnerabilities.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
systems | linux, ubuntu
advisories | CVE-2008-3231, CVE-2008-5233, CVE-2008-5234, CVE-2008-5236, CVE-2008-5237, CVE-2008-5238, CVE-2008-5239, CVE-2008-5240, CVE-2008-5241, CVE-2008-5242, CVE-2008-5243, CVE-2008-5244, CVE-2008-5246, CVE-2008-5248
SHA-256 | 7a57d4c1776774d0d20e16a7e70f2bd1e115b441a773f80d44141450b4576de4
Mandriva Linux Security Advisory 2009-020
Posted Jan 21, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-020 - Multiple vulnerabilities ranging from denial of service to heap-based overflows have been addressed in xine-lib.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, mandriva
advisories | CVE-2008-3231, CVE-2008-5233, CVE-2008-5234, CVE-2008-5236, CVE-2008-5237, CVE-2008-5239, CVE-2008-5240, CVE-2008-5241, CVE-2008-5243, CVE-2008-5245, CVE-2008-5246
SHA-256 | 43ff4edc9f7da1c5c221e903dd7cc66b3c77e38c4641a9183d19d2b33c53ea40
Page 1 of 1
Back1Next

File Archive:

August 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    15 Files
  • 2
    Aug 2nd
    22 Files
  • 3
    Aug 3rd
    0 Files
  • 4
    Aug 4th
    0 Files
  • 5
    Aug 5th
    0 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close