CVE-2004-1379: Buffer Overflow
First published: Thu Sep 16 2004(Updated: )
Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the second field reuses RLE data from the end of the first field.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| xine xine | =1_beta9 | |
| xine xine | =1_beta3 | |
| xine xine | =1_rc0a | |
| xine xine-lib | =1_beta7 | |
| xine xine-lib | =1_rc3 | |
| xine xine | =1_rc4 | |
| xine xine-lib | =1_beta9 | |
| xine xine | =1_alpha | |
| xine xine-lib | =1_rc3b | |
| xine xine | =1_beta4 | |
| xine xine-lib | =0.9.8 | |
| xine xine-lib | =1_beta4 | |
| xine xine-lib | =1_rc5 | |
| xine xine | =1_rc3b | |
| xine xine | =1_beta2 | |
| xine xine | =1_rc3a | |
| xine xine | =1_rc2 | |
| xine xine-lib | =1_rc3c | |
| xine xine | =1_beta10 | |
| xine xine | =1_beta12 | |
| xine xine | =1_beta11 | |
| xine xine | =1_beta7 | |
| xine xine | =1_beta8 | |
| xine xine | =1_rc1 | |
| xine xine-lib | =1_rc2 | |
| xine xine | =1_rc5 | |
| xine xine-lib | =1_beta2 | |
| xine xine-lib | =1_rc0 | |
| xine xine-lib | =1_beta5 | |
| xine xine | =1_beta6 | |
| xine xine | =1_beta1 | |
| xine xine-lib | =1_beta6 | |
| xine xine | =1_rc3 | |
| xine xine-lib | =1_rc1 | |
| xine xine-lib | =1_rc3a | |
| xine xine | =1_rc0 | |
| xine xine-lib | =1_beta12 | |
| xine xine-lib | =1_rc4 | |
| xine xine | =1_beta5 | |
| xine xine-lib | =1_beta8 | |
| xine xine-lib | =1_beta3 |
Remedy
http://slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.320308
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/archive/1/375482/2004-09-02/2004-09-08/0
- http://xinehq.de/index.php/security/XSA-2004-5
- http://www.debian.org/security/2005/dsa-657
- http://www.gentoo.org/security/en/glsa/glsa-200409-30.xml
- http://slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.320308
- http://www.vuxml.org/freebsd/131bd7c4-64a3-11d9-829a-000a95bc6fae.html
- http://www.securityfocus.com/bid/11205
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17423
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/type
- agent/references
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/xine
- canonical/xine xine
- version/xine xine/1_beta9
- version/xine xine/1_beta3
- version/xine xine/1_rc0a
- canonical/xine xine-lib
- version/xine xine-lib/1_beta7
- version/xine xine-lib/1_rc3
- version/xine xine/1_rc4
- version/xine xine-lib/1_beta9
- version/xine xine/1_alpha
- version/xine xine-lib/1_rc3b
- version/xine xine/1_beta4
- version/xine xine-lib/0.9.8
- version/xine xine-lib/1_beta4
- version/xine xine-lib/1_rc5
- version/xine xine/1_rc3b
- version/xine xine/1_beta2
- version/xine xine/1_rc3a
- version/xine xine/1_rc2
- version/xine xine-lib/1_rc3c
- version/xine xine/1_beta10
- version/xine xine/1_beta12
- version/xine xine/1_beta11
- version/xine xine/1_beta7
- version/xine xine/1_beta8
- version/xine xine/1_rc1
- version/xine xine-lib/1_rc2
- version/xine xine/1_rc5
- version/xine xine-lib/1_beta2
- version/xine xine-lib/1_rc0
- version/xine xine-lib/1_beta5
- version/xine xine/1_beta6
- version/xine xine/1_beta1
- version/xine xine-lib/1_beta6
- version/xine xine/1_rc3
- version/xine xine-lib/1_rc1
- version/xine xine-lib/1_rc3a
- version/xine xine/1_rc0
- version/xine xine-lib/1_beta12
- version/xine xine-lib/1_rc4
- version/xine xine/1_beta5
- version/xine xine-lib/1_beta8
- version/xine xine-lib/1_beta3