Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1455

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2004-1455
Last Modified 05 Sep 2008 04:41:25
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-1455

Summary

Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and earlier allows remote attackers to execute arbitrary code via crafted playlists that result in a long vcd:// URL.

Vulnerable Systems

Application

  • Xine-lib 1 Beta1

  • Xine-lib 1 Beta10

  • Xine-lib 1 Beta11

  • Xine-lib 1 Beta2

  • Xine-lib 1 Beta3

  • Xine-lib 1 Beta4

  • Xine-lib 1 Beta5

  • Xine-lib 1 Beta6

  • Xine-lib 1 Beta7

  • Xine-lib 1 Beta8

  • Xine-lib 1 Beta9

  • Xine-lib 1 Rc2

  • Xine-lib 1 Rc3a

  • Xine-lib 1 Rc3b

  • Xine-lib 1 Rc3c

  • Xine-lib 1 Rc4

  • Xine-lib 1 Rc5

  • Xine-lib 1 Rc5 R2


References

BID - 10890

GENTOO - GLSA-200408-18

XF - xine-vcd-identifier-bo(16930)

SECUNIA - 12194

BUGTRAQ - 20040817 Open Security Group Advisory #6


Last Updated: 27 May 2016 10:39:02