Debian Security Advisory 1536-1 - Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content.
fab16d0e5e9613a38e131a5540e6b1deca18ee6d6d803c2faf22cc0f1e8ea324Mandriva Linux Security Advisory - The DS_VideoDecoder_Open function in DirectShow/DS_VideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
1e8a5159b7b6dc0e60918f6aeec48b171e46c9c0258efc535f3006a7322f8b70Mandriva Linux Security Advisory - The DS_VideoDecoder_Open function in loader/dshow/DS_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
d4bfbc41eaadf6b63510af26525e0790c70f14f6c2cec2b97f949be8444a84e3Ubuntu Security Notice 435-1 - Moritz Jodeit discovered that the DirectShow loader of Xine did not correctly validate the size of an allocated buffer. By tricking a user into opening a specially crafted media file, an attacker could execute arbitrary code with the user's privileges.
9d8bbefeb03f250ad5e440fa93720bd6f44dd1ba21a5563df2eabea84f83f2b5
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed