Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3231

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-3231
Last Modified 09 Mar 2011 12:00:00
Published 18 Jul 2008 12:41:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3231

Summary

xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via a crafted OGG file, as demonstrated by playing lol-ffplay.ogg with xine.

Vulnerable Systems

Application

  • Xine-lib 0.9.13

  • Xine-lib 0.9.8

  • Xine-lib 0.99

  • Xine-lib 1

  • Xine-lib 1.0

  • Xine-lib 1.0.1

  • Xine-lib 1.0.2

  • Xine-lib 1.0.3a

  • Xine-lib 1.1.0

  • Xine-lib 1.1.1

  • Xine-lib 1.1.10

  • Xine-lib 1.1.10.1

  • Xine-lib 1.1.11

  • Xine-lib 1.1.11.1

  • Xine-lib 1.1.12

  • Xine-lib 1.1.13

  • Xine-lib 1.1.14

  • Xine-lib 1.1.2

  • Xine-lib 1.1.3

  • Xine-lib 1.1.4

  • Xine-lib 1.1.5

  • Xine-lib 1.1.6

  • Xine-lib 1.1.7

  • Xine-lib 1.1.8

  • Xine-lib 1.1.9

  • Xine-lib 1.1.9.1


References

BID - 30699

FEDORA - FEDORA-2008-7512

FEDORA - FEDORA-2008-7572

XF - xine-ogg-dos(44040)

VUPEN - ADV-2008-2382

SECTRACK - 1020703

MLIST - [oss-security] 20080713 CVE requests: crashers by zzuf

MANDRIVA - MDVSA-2009:020

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=619869

SECUNIA - 31827

SUSE - SUSE-SR:2009:004


Last Updated: 27 May 2016 10:48:07