|
|
CVE Reference: CVE-2008-0225 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-0225 |
|
|
Description: Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmff_dump_header function and related to disregarding the max field. NOTE: some of these details are obtained from third party information. |
|
|
CVE Status: Candidate |
|
|
References: UBUNTU http://www.ubuntu.com/usn/usn-635-1 SUSE http://www.novell.com/linux/security/advisories/suse_security_summary_report.html SAID Secunia Advisory: SA28384 Secunia Advisory: SA28489 Secunia Advisory: SA28636 Secunia Advisory: SA28674 Secunia Advisory: SA28507 Secunia Advisory: SA28955 Secunia Advisory: SA31393 MISC http://aluigi.altervista.org/adv/xinermffhof-adv.txt MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:045 http://www.mandriva.com/security/advisories?name=MDVSA-2008:020 GENTOO http://security.gentoo.org/glsa/glsa-200801-12.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1472 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=205197 http://sourceforge.net/project/shownotes.php?release_id=567872 BID 27198 |
|
| Return to the previous page. |
