CVE-2008-1878 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-1878
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-1878

Description: Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/41865 UBUNTU http://www.ubuntu.com/usn/usn-635-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html SAID Secunia Advisory: SA29850 Secunia Advisory: SA30021 Secunia Advisory: SA31372 Secunia Advisory: SA30581 Secunia Advisory: SA30337 Secunia Advisory: SA31393 MILW0RM http://www.milw0rm.com/exploits/5458 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:177 http://www.mandriva.com/security/advisories?name=MDVSA-2008:178 GENTOO http://security.gentoo.org/glsa/glsa-200808-01.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1586 BID 28816

Return to the previous page.