Описание
Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.1.1+ubuntu1-2 |
| devel | DNE | |
| edgy | released | 1.1.1+ubuntu1-2 |
| feisty | released | 1.1.1+ubuntu1-2 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.1.1+ubuntu2-7.7 |
| devel | released | 1.1.4-2ubuntu3 |
| edgy | released | 1.1.2+repacked1-0ubuntu3.4 |
| feisty | released | 1.1.4-2ubuntu3 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD.
Format string vulnerability in input_cdda.c in xine-lib 1-beta through ...
Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD.
7.5 High
CVSS2