Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1878

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-1878
Last Modified 07 Mar 2011 10:07:59
Published 17 Apr 2008 06:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1878

Summary

Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title.

Vulnerable Systems

Application

  • Xine-lib 1.1.0

  • Xine-lib 1.1.1

  • Xine-lib 1.1.10

  • Xine-lib 1.1.10.1

  • Xine-lib 1.1.11

  • Xine-lib 1.1.11.1

  • Xine-lib 1.1.12

  • Xine-lib 1.1.9


References

VUPEN - ADV-2008-1247

UBUNTU - USN-635-1

MILW0RM - 5458

MANDRIVA - MDVSA-2008:178

MANDRIVA - MDVSA-2008:177

DEBIAN - DSA-1586

GENTOO - GLSA-200808-01

SECUNIA - 31393

SECUNIA - 31372

SECUNIA - 30581

SECUNIA - 30337

SECUNIA - 29850

FEDORA - FEDORA-2008-3353

FEDORA - FEDORA-2008-3326

XF - xinelib-demuxnsfsendchunk-bo(41865)

BID - 28816

SECUNIA - 30021

SUSE - SUSE-SR:2008:012


Last Updated: 27 May 2016 10:47:41