CVE-2008-1482
Vulnerability Summary
Timeline
Description
Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via (1) a crafted .FLV file, which triggers an overflow in demuxers/demux_flv.c; (2) a crafted .MOV file, which triggers an overflow in demuxers/demux_qt.c; (3) a crafted .RM file, which triggers an overflow in demuxers/demux_real.c; (4) a crafted .MVE file, which triggers an overflow in demuxers/demux_wc3movie.c; (5) a crafted .MKV file, which triggers an overflow in demuxers/ebml.c; or (6) a crafted .CAK file, which triggers an overflow in demuxers/demux_film.c.
CVSS Metrics
- v2.0•MEDIUM•Score: 6.8AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 2.02%• Percentile: 84%
Techniques & Countermeasures
- CWE-119•Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
- CWE-189•Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.
Affected Systems
- xine•xine-lib
1.1.11
References (24)
- http://www.vupen.com/english/advisories/2008/0981/references
- https://bugzilla.redhat.com/show_bug.cgi?id=438663
- http://secunia.com/advisories/29622
- http://security.gentoo.org/glsa/glsa-200808-01.xml
- http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html
- http://securityreason.com/securityalert/3769
- http://www.debian.org/security/2008/dsa-1586
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00143.html
- http://secunia.com/advisories/29484
- http://secunia.com/advisories/29756
- http://secunia.com/advisories/29600
- http://secunia.com/advisories/29740
- http://secunia.com/advisories/31393
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:178
- http://aluigi.org/poc/xinehof.zip
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41350
- https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00157.html
- http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.441137
- http://www.securityfocus.com/bid/28370
- http://www.securityfocus.com/archive/1/489894/100/0/threaded
- http://aluigi.altervista.org/adv/xinehof-adv.txt
- http://secunia.com/advisories/31372
- http://www.ubuntu.com/usn/usn-635-1
- http://secunia.com/advisories/30337