CVE Vulnerabilities

CVE-2004-1476

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.

Affected Software

Name Vendor Start Version End Version
Xine Xine 0.9.18 0.9.18
Xine Xine 1_rc2 1_rc2
Xine Xine 1_rc3 1_rc3
Xine Xine 1_rc4 1_rc4
Xine Xine 1_rc5 1_rc5
Xine-lib Xine 0.99 0.99
Xine-lib Xine 1_rc2 1_rc2
Xine-lib Xine 1_rc3 1_rc3
Xine-lib Xine 1_rc4 1_rc4
Xine-lib Xine 1_rc5 1_rc5

References