7.5

CVE-2004-1379

Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the second field reuses RLE data from the end of the first field.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
XineXine Version1_alpha
XineXine Version1_beta1
XineXine Version1_beta2
XineXine Version1_beta3
XineXine Version1_beta4
XineXine Version1_beta5
XineXine Version1_beta6
XineXine Version1_beta7
XineXine Version1_beta8
XineXine Version1_beta9
XineXine Version1_beta10
XineXine Version1_beta11
XineXine Version1_beta12
XineXine Version1_rc0
XineXine Version1_rc0a
XineXine Version1_rc1
XineXine Version1_rc2
XineXine Version1_rc3
XineXine Version1_rc3a
XineXine Version1_rc3b
XineXine Version1_rc4
XineXine Version1_rc5
XineXine-lib Version0.9.8
XineXine-lib Version1_beta2
XineXine-lib Version1_beta3
XineXine-lib Version1_beta4
XineXine-lib Version1_beta5
XineXine-lib Version1_beta6
XineXine-lib Version1_beta7
XineXine-lib Version1_beta8
XineXine-lib Version1_beta9
XineXine-lib Version1_beta12
XineXine-lib Version1_rc0
XineXine-lib Version1_rc1
XineXine-lib Version1_rc2
XineXine-lib Version1_rc3
XineXine-lib Version1_rc3a
XineXine-lib Version1_rc3b
XineXine-lib Version1_rc3c
XineXine-lib Version1_rc4
XineXine-lib Version1_rc5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4% 0.892
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.320308
Patch
http://www.debian.org/security/2005/dsa-657
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200409-30.xml
Patch
http://www.securityfocus.com/archive/1/375482/2004-09-02/2004-09-08/0
http://www.securityfocus.com/bid/11205
Patch
http://www.vuxml.org/freebsd/131bd7c4-64a3-11d9-829a-000a95bc6fae.html
http://xinehq.de/index.php/security/XSA-2004-5
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17423