Download
| Alert*
oval:org.secpod.oval:def:301577
Two vulnerabilities discovered in xine-lib allow remote execution of arbitrary code: Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute, related to the rmff_d ... oval:org.secpod.oval:def:301549 Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute, related to the rmff_dump_header function and related to disregarding the max field. Although originally a ... oval:org.mitre.oval:def:7756 Luigi Auriemma discovered that the Xine media player library performed insufficient input sanitising during the handling of RTSP streams, which could lead to the execution of arbitrary code. oval:org.secpod.oval:def:20727 The host is installed with VideoLAN VLC Media Player before 0.8.6e and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle SDP Abstract attribute in an RTSP session. Successful exploitation allows attackers to cause a denial of service. |