CVE Vulnerabilities

CVE-2008-0073

Published: Mar 24, 2008 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.

Affected Software

Name Vendor Start Version End Version
Mplayer Ubuntu dapper *
Mplayer Ubuntu hardy *
Mplayer Ubuntu intrepid *
Mplayer Ubuntu jaunty *
Mplayer Ubuntu karmic *
Vlc Ubuntu dapper *
Vlc Ubuntu devel *
Vlc Ubuntu edgy *
Vlc Ubuntu feisty *
Vlc Ubuntu gutsy *
Vlc Ubuntu hardy *
Vlc Ubuntu intrepid *
Vlc Ubuntu jaunty *
Vlc Ubuntu karmic *
Vlc Ubuntu lucid *
Vlc Ubuntu maverick *
Vlc Ubuntu natty *
Vlc Ubuntu oneiric *
Xine-lib Ubuntu dapper *
Xine-lib Ubuntu edgy *
Xine-lib Ubuntu feisty *
Xine-lib Ubuntu gutsy *
Xine-lib Ubuntu upstream *

References