Debian Security Advisory 1536-1 - Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content.
fab16d0e5e9613a38e131a5540e6b1deca18ee6d6d803c2faf22cc0f1e8ea324Gentoo Linux Security Advisory GLSA 200704-09 - xine-lib does not check boundaries on data being read into buffers from DMO video files in code that is shared with MPlayer (DMO_VideoDecoder.c). Versions less than 1.1.4-r2 are affected.
60d54a78510c055f1db9fb2eb283c1a424560fca74c3bc0aa8ee15af2804c51fUbuntu Security Notice 433-1 - Moritz Jodeit discovered that the DMO loader of Xine did not correctly validate the size of an allocated buffer. By tricking a user into opening a specially crafted media file, an attacker could execute arbitrary code with the user's privileges.
94f4d397d208d53e89af0300446cf0ab3a4370d5739cf83df5aa0c4764e562f9Mandriva Linux Security Advisory - The DMO_VideoDecoder_Open function in dmo/DMO_VideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
c5cdff64d715a5ff1636f58d8abe75e80d9cf94154c2f6c414ecfa5963b5f403Mandriva Linux Security Advisory - The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
98e19e2b7caff2cbb310887cdedbd0652b406d4d07adca198bf3b319303a428d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed