oval:org.mitre.oval:def:7757
Definition Id: oval:org.mitre.oval:def:7757 | |||
Oval ID: | oval:org.mitre.oval:def:7757 | ||
Title: | DSA-1536 xine-lib -- several vulnerabilities | ||
Description: | Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content. The Common Vulnerabilities and Exposures project identifies the following problems: The DMO_VideoDecoder_Open function does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code (applies to sarge only). Array index error in the sdpplin_parse function allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter. Array index vulnerability in libmpdemux/demux_audio.c might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow (applies to etch only). Buffer overflow in the Matroska demuxer allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1536 CVE-2007-1246 CVE-2007-1387 CVE-2008-0073 CVE-2008-0486 CVE-2008-1161 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 Debian GNU/Linux 3.1 | Product(s): | xine-lib |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7692 | |||
Oval ID: | oval:org.mitre.oval:def:7692 | ||
Title: | Debian GNU/Linux 3.1 is installed | ||
Description: | Debian GNU/Linux 3.1 (sarge) is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:debian:debian_gnu/linux:3.1 | Version: | 7 |
Platform(s): | Debian GNU/Linux 3.1 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7757 |
Definition Id: oval:org.mitre.oval:def:6461 | |||
Oval ID: | oval:org.mitre.oval:def:6461 | ||
Title: | Debian GNU/Linux 4.0 is installed. | ||
Description: | Debian GNU/Linux 4.0 (etch) is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:debian:debian_gnu/linux:4.0 | Version: | 9 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:7757 |