CVE-2008-0486
- EPSS 5.37%
- Veröffentlicht 05.02.2008 12:00:00
- Zuletzt bearbeitet 16.06.2026 22:49:43
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a ...
CVE-2008-0238
- EPSS 4.21%
- Veröffentlicht 11.01.2008 21:46:00
- Zuletzt bearbeitet 16.06.2026 22:49:12
Multiple heap-based buffer overflows in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP (1) Title, (2) Author, or (3) Copyright attribute, related to the rmff_dump_hea...
CVE-2008-0225
- EPSS 14.97%
- Veröffentlicht 10.01.2008 23:46:00
- Zuletzt bearbeitet 16.06.2026 22:49:10
Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmff_dump_header funct...
CVE-2006-4799
- EPSS 2.8%
- Veröffentlicht 14.09.2006 21:07:00
- Zuletzt bearbeitet 16.06.2026 22:29:48
Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and "bad indexes", a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
CVE-2006-2200
- EPSS 4.26%
- Veröffentlicht 28.06.2006 01:45:00
- Zuletzt bearbeitet 16.06.2026 22:24:32
Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and (b) xine-lib 1.1.0 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_ut...
- EPSS 11.09%
- Veröffentlicht 03.06.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:25:48
Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.
CVE-2006-1664
- EPSS 14.64%
- Veröffentlicht 07.04.2006 10:04:00
- Zuletzt bearbeitet 16.06.2026 22:23:23
Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as distributed in xine-lib 1.1.1 and earlier, allows remote attackers to execute arbitrary code via a crafted MPEG stream.
CVE-2005-2967
- EPSS 9.68%
- Veröffentlicht 14.10.2005 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:15:59
Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim play...
CVE-2005-1195
- EPSS 4.38%
- Veröffentlicht 02.05.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:12:37
Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious ser...
- EPSS 9.11%
- Veröffentlicht 10.01.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:25
Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (libxine) 1-rc7 allows remote attackers to execute arbitrary code via a crafted AIFF file.