Executive Summary
Summary | |
---|---|
Title | xine-lib: User-assisted execution of arbitrary code |
Informations | |||
---|---|---|---|
Name | GLSA-200808-01 | First vendor Publication | 2008-08-06 |
Vendor | Gentoo | Last vendor Modification | 2008-08-06 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis xine-lib is vulnerable to multiple buffer overflows when processing media streams. Background Description * Alin Rad Pop of Secunia reported an array indexing vulnerability in the sdpplin_parse() function in the file input/libreal/sdpplin.c when processing streams from RTSP servers that contain a large "streamid" * Luigi Auriemma reported multiple integer overflows that result in heap-based buffer overflows when processing ".FLV", ".MOV" ".RM", * Guido Landi reported a stack-based buffer overflow in the demux_nsf_send_chunk() function when handling titles within NES Music (.NSF) files (CVE-2008-1878). Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-200808-01.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-200808-01.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:17590 | |||
Oval ID: | oval:org.mitre.oval:def:17590 | ||
Title: | USN-635-1 -- xine-lib vulnerabilities | ||
Description: | Alin Rad Pop discovered an array index vulnerability in the SDP parser. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-635-1 CVE-2008-0073 CVE-2008-0225 CVE-2008-0238 CVE-2008-0486 CVE-2008-1110 CVE-2008-1161 CVE-2008-1482 CVE-2008-1686 CVE-2008-1878 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | xine-lib |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18584 | |||
Oval ID: | oval:org.mitre.oval:def:18584 | ||
Title: | DSA-1586-1 xine-lib - multiple vulnerabilities | ||
Description: | Multiple vulnerabilities have been discovered in xine-lib, a library which supplies most of the application functionality of the xine multimedia player. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1586-1 CVE-2008-1482 CVE-2008-1686 CVE-2008-1878 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xine-lib |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7965 | |||
Oval ID: | oval:org.mitre.oval:def:7965 | ||
Title: | DSA-1586 xine-lib -- multiple vulnerabilities | ||
Description: | Multiple vulnerabilities have been discovered in xine-lib, a library which supplies most of the application functionality of the xine multimedia player. The Common Vulnerabilities and Exposures project identifies the following three problems: Integer overflow vulnerabilities exist in xine's FLV, QuickTime, RealMedia, MVE and CAK demuxers, as well as the EBML parser used by the Matroska demuxer. These weaknesses allow an attacker to overflow heap buffers and potentially execute arbitrary code by supplying a maliciously crafted file of those types. Insufficient input validation in the Speex implementation used by this version of xine enables an invalid array access and the execution of arbitrary code by supplying a maliciously crafted Speex file. Inadequate bounds checking in the NES Sound Format (NSF) demuxer enables a stack buffer overflow and the execution of arbitrary code through a maliciously crafted NSF file. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1586 CVE-2008-1482 CVE-2008-1686 CVE-2008-1878 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xine-lib |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2008-03-25 | MPlayer sdpplin_parse() Array Indexing Buffer Overflow Exploit PoC |
OpenVAS Exploits
Date | Description |
---|---|
2009-04-09 | Name : Mandriva Update for mplayer MDVSA-2008:219 (mplayer) File : nvt/gb_mandriva_MDVSA_2008_219.nasl |
2009-04-09 | Name : Mandriva Update for xine-lib MDVSA-2008:178 (xine-lib) File : nvt/gb_mandriva_MDVSA_2008_178.nasl |
2009-04-09 | Name : Mandriva Update for xine-lib MDVSA-2008:177 (xine-lib) File : nvt/gb_mandriva_MDVSA_2008_177.nasl |
2009-03-23 | Name : Ubuntu Update for xine-lib vulnerabilities USN-635-1 File : nvt/gb_ubuntu_USN_635_1.nasl |
2009-02-17 | Name : Fedora Update for xine-lib FEDORA-2008-3326 File : nvt/gb_fedora_2008_3326_xine-lib_fc7.nasl |
2009-02-17 | Name : Fedora Update for xine-lib FEDORA-2008-3353 File : nvt/gb_fedora_2008_3353_xine-lib_fc8.nasl |
2009-02-17 | Name : Fedora Update for xine-lib FEDORA-2008-7572 File : nvt/gb_fedora_2008_7572_xine-lib_fc8.nasl |
2009-02-16 | Name : Fedora Update for xine-lib FEDORA-2008-2569 File : nvt/gb_fedora_2008_2569_xine-lib_fc8.nasl |
2009-02-16 | Name : Fedora Update for xine-lib FEDORA-2008-2849 File : nvt/gb_fedora_2008_2849_xine-lib_fc8.nasl |
2009-02-16 | Name : Fedora Update for xine-lib FEDORA-2008-2945 File : nvt/gb_fedora_2008_2945_xine-lib_fc7.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200808-01 (xine-lib) File : nvt/glsa_200808_01.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200804-25 (vlc) File : nvt/glsa_200804_25.nasl |
2008-05-27 | Name : Debian Security Advisory DSA 1586-1 (xine-lib) File : nvt/deb_1586_1.nasl |
2008-04-21 | Name : Debian Security Advisory DSA 1543-1 (vlc) File : nvt/deb_1543_1.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1536-1 (xine-lib) File : nvt/deb_1536_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-092-01 xine-lib File : nvt/esoft_slk_ssa_2008_092_01.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-089-03 xine-lib File : nvt/esoft_slk_ssa_2008_089_03.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44450 | xine-lib NSF src/demuxers/demux_nsf.c demux_nsf_send_chunk Function Remote Ov... |
43532 | xine-lib src/demuxers/demux_film.c Film File Handling Remote Overflow |
43531 | xine-lib src/demuxers/ebml.c EBML File Handling Remote Overflow |
43530 | xine-lib src/demuxers/demux_wc3movie.c WC3 Movie File Handling Remote Overflow |
43529 | xine-lib src/demuxers/demux_real.c Real File Handling Remote Overflow |
43528 | xine-lib src/demuxers/demux_qt.c QT File Handling Remote Overflow |
43527 | xine-lib src/demuxers/demux_flv.c FLV Handling Overflow |
43436 | xine-lib sdpplin_parse() Function Array Indexing |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xine-devel-5304.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-219.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-177.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-178.nasl - Type : ACT_GATHER_INFO |
2008-09-10 | Name : The remote Fedora host is missing a security update. File : fedora_2008-7572.nasl - Type : ACT_GATHER_INFO |
2008-08-20 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-635-1.nasl - Type : ACT_GATHER_INFO |
2008-08-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200808-01.nasl - Type : ACT_GATHER_INFO |
2008-05-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1586.nasl - Type : ACT_GATHER_INFO |
2008-05-20 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xine-devel-5205.nasl - Type : ACT_GATHER_INFO |
2008-05-20 | Name : The remote openSUSE host is missing a security update. File : suse_xine-devel-5204.nasl - Type : ACT_GATHER_INFO |
2008-05-01 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3326.nasl - Type : ACT_GATHER_INFO |
2008-05-01 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3353.nasl - Type : ACT_GATHER_INFO |
2008-04-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200804-25.nasl - Type : ACT_GATHER_INFO |
2008-04-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1543.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Windows host contains a media player that is affected by several v... File : vlc_0_8_6f.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2945.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2849.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_xine-devel-5137.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xine-devel-5139.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-092-01.nasl - Type : ACT_GATHER_INFO |
2008-04-01 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xine-devel-5116.nasl - Type : ACT_GATHER_INFO |
2008-04-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1536.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote openSUSE host is missing a security update. File : suse_xine-devel-5113.nasl - Type : ACT_GATHER_INFO |
2008-03-31 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-089-03.nasl - Type : ACT_GATHER_INFO |
2008-03-26 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2569.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:35:59 |
|