Описание
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:xine:xine:0.9.18:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine:1_rc2:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine:1_rc3:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine:1_rc4:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine:1_rc5:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:0.99:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_rc2:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_rc3:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_rc4:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_rc5:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:8.2:*:personal:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*
EPSS
Процентиль: 83%
0.02053
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 20 лет назад
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc ...
github
больше 3 лет назад
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.
EPSS
Процентиль: 83%
0.02053
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other