Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1692

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1692
Last Modified 07 Mar 2011 09:22:41
Published 24 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1692

Summary

Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format string specifiers.

Vulnerable Systems

Application

  • Gxine 0.41

  • Gxine 0.42

  • Gxine 0.43

  • Gxine 0.44


References

VUPEN - ADV-2005-0626

BID - 13707

OSVDB - 16747

MISC - http://www.0xbadexworm.org/adv/gxinefmt.txt

GENTOO - GLSA-200505-19

SECUNIA - 15451

BUGTRAQ - 20050521 pst.advisory 2005-21: gxine remote exploitable . opensource is god .lol windows

CONFIRM - http://cvs.sourceforge.net/viewcvs.py/xine/gnome-xine/ChangeLog?rev=HEAD&content-type=text/vnd.viewcvs-markup


Last Updated: 27 May 2016 10:40:16