CVE-2006-2200 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-2200
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2200

Description: Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and (b) xine-lib 1.1.0 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_data, and (4) get_media_packet functions, and possibly other functions.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-315-1 http://www.ubuntu.com/usn/usn-309-1 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.433842 SAID Secunia Advisory: SA20749 Secunia Advisory: SA20948 Secunia Advisory: SA20964 Secunia Advisory: SA21023 Secunia Advisory: SA21036 Secunia Advisory: SA21139 Secunia Advisory: SA23218 Secunia Advisory: SA23512 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:121 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:117 GENTOO http://security.gentoo.org/glsa/glsa-200607-07.xml CONFIRM http://sourceforge.net/project/shownotes.php?release_id=468432 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374577 BID 18608

Return to the previous page.