Download
| Alert*
|
oval:org.secpod.oval:def:700362
It was discovered that the 4xm demuxer in xine-lib did not correctly handle a large current_track value in a 4xm file, resulting in an integer overflow. If a user or automated system were tricked into opening a specially crafted 4xm movie file, an attacker could crash xine-lib or possibly execute ar ... oval:org.secpod.oval:def:700312 It was discovered that the QT demuxer in xine-lib did not correctly handle a large count value in an STTS atom, resulting in a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted MOV file, an attacker could execute arbitrary code as the user invoki ... oval:org.secpod.oval:def:300529 Vulnerabilities have been discovered and corrected in xine-lib: - Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, w ... oval:org.secpod.oval:def:300625 Vulnerabilities have been discovered and corrected in xine-lib: Failure on Ogg files manipulation can lead remote attackers to cause a denial of service by using crafted files . Failure on manipulation of either MNG or Real or MOD files can lead remote attackers to cause a denial of service by using ... |
