Executive Summary
| Summary | |
|---|---|
| Title | Xine library vulnerability |
| Informations | |||
|---|---|---|---|
| Name | USN-196-1 | First vendor Publication | 2005-10-10 |
| Vendor | Ubuntu | Last vendor Modification | 2005-10-10 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: libxine1 The problem can be corrected by upgrading the affected package to version 1-rc5-1ubuntu2.3 (for Ubuntu 4.10), or 1.0-1ubuntu3.1.1 (for Ubuntu 5.04). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Ulf Harnhammar discovered a format string vulnerability in the CDDB module's cache file handling in the Xine library, which is used by packages such as xine-ui, totem-xine, and gxine. By tricking an user into playing a particular audio CD which has a specially-crafted CDDB entry, a remote attacker could exploit this vulnerability to execute arbitrary code with the privileges of the user running the application. Since CDDB servers usually allow anybody to add and modify information, this exploit does not even require a particular CDDB server to be selected. |
Original Source
| Url : http://www.ubuntu.com/usn/USN-196-1 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 5 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200510-08 (xine-lib) File : nvt/glsa_200510_08.nasl |
| 2008-09-04 | Name : FreeBSD Ports: libxine File : nvt/freebsd_libxine3.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 863-1 (xine-lib) File : nvt/deb_863_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 19892 | xine/gxine xine-lib CDDB Response Format String xine-lib contains a flaw that may allow remote execution of arbitrary code. The issue is triggered when a xine-lib based media application, such as xine or gxine, retrieves improper metadata from a malicious CDDB server while playing an audio CD. The metadata is placed in memory on the stack and eventually passed to a fprintf() function as a format string. This allows the malicious user to alter the control flow and to execute malicious code with the permissions of the user running the application. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2006-05-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_3bc5691e38dd11da92f5020039488e34.nasl - Type : ACT_GATHER_INFO |
| 2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-196-1.nasl - Type : ACT_GATHER_INFO |
| 2005-10-19 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-863.nasl - Type : ACT_GATHER_INFO |
| 2005-10-19 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-180.nasl - Type : ACT_GATHER_INFO |
| 2005-10-11 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-283-01.nasl - Type : ACT_GATHER_INFO |
| 2005-10-11 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200510-08.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 12:02:30 |
|
