Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Xine | Xine | 0.9.18 (including) | 0.9.18 (including) |
Xine | Xine | 1_rc2 (including) | 1_rc2 (including) |
Xine | Xine | 1_rc3 (including) | 1_rc3 (including) |
Xine | Xine | 1_rc4 (including) | 1_rc4 (including) |
Xine | Xine | 1_rc5 (including) | 1_rc5 (including) |
Xine-lib | Xine | 0.99 (including) | 0.99 (including) |
Xine-lib | Xine | 1_rc2 (including) | 1_rc2 (including) |
Xine-lib | Xine | 1_rc3 (including) | 1_rc3 (including) |
Xine-lib | Xine | 1_rc4 (including) | 1_rc4 (including) |
Xine-lib | Xine | 1_rc5 (including) | 1_rc5 (including) |