CVE Vulnerabilities

CVE-2004-1476

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.

Affected Software

Name Vendor Start Version End Version
Xine Xine 0.9.18 (including) 0.9.18 (including)
Xine Xine 1_rc2 (including) 1_rc2 (including)
Xine Xine 1_rc3 (including) 1_rc3 (including)
Xine Xine 1_rc4 (including) 1_rc4 (including)
Xine Xine 1_rc5 (including) 1_rc5 (including)
Xine-lib Xine 0.99 (including) 0.99 (including)
Xine-lib Xine 1_rc2 (including) 1_rc2 (including)
Xine-lib Xine 1_rc3 (including) 1_rc3 (including)
Xine-lib Xine 1_rc4 (including) 1_rc4 (including)
Xine-lib Xine 1_rc5 (including) 1_rc5 (including)

References