Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-5246
HistoryNov 26, 2008 - 1:30 a.m.

CVE-2008-5246

2008-11-2601:30:00
CWE-119
[email protected]
web.nvd.nist.gov
37
cve
2008
5246
xine-lib
buffer overflows
remote attackers
arbitrary code
id3 data
security vulnerability
nvd
demuxers
id3.c

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.107 Low

EPSS

Percentile

95.1%

JSON

Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow remote attackers to execute arbitrary code via vectors that send ID3 data to the (1) id3v22_interp_frame and (2) id3v24_interp_frame functions in src/demuxers/id3.c. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD
Node
xinexine-libRange1.1.14
OR
xinexine-libMatch0.9.13
OR
xinexine-libMatch1rc0a
OR
xinexine-libMatch1rc1
OR
xinexine-libMatch1rc2
OR
xinexine-libMatch1rc3
OR
xinexine-libMatch1rc3a
OR
xinexine-libMatch1rc3b
OR
xinexine-libMatch1rc3c
OR
xinexine-libMatch1rc4
OR
xinexine-libMatch1rc4a
OR
xinexine-libMatch1rc5
OR
xinexine-libMatch1rc6a
OR
xinexine-libMatch1rc7
OR
xinexine-libMatch1rc8
OR
xinexine-libMatch1.0
OR
xinexine-libMatch1.0.1
OR
xinexine-libMatch1.0.2
OR
xinexine-libMatch1.0.3a
OR
xinexine-libMatch1.1.0
OR
xinexine-libMatch1.1.1
OR
xinexine-libMatch1.1.2
OR
xinexine-libMatch1.1.3
OR
xinexine-libMatch1.1.4
OR
xinexine-libMatch1.1.5
OR
xinexine-libMatch1.1.6
OR
xinexine-libMatch1.1.7
OR
xinexine-libMatch1.1.8
OR
xinexine-libMatch1.1.9
OR
xinexine-libMatch1.1.9.1
OR
xinexine-libMatch1.1.10
OR
xinexine-libMatch1.1.10.1
OR
xinexine-libMatch1.1.11
OR
xinexine-libMatch1.1.11.1
OR
xinexine-libMatch1.1.12
OR
xinexine-libMatch1.1.13
OR
xinexine-libMatch1_beta1
OR
xinexine-libMatch1_beta2
OR
xinexine-libMatch1_beta3
OR
xinexine-libMatch1_beta4
OR
xinexine-libMatch1_beta5
OR
xinexine-libMatch1_beta6
OR
xinexine-libMatch1_beta7
OR
xinexine-libMatch1_beta8
OR
xinexine-libMatch1_beta9
OR
xinexine-libMatch1_beta10
OR
xinexine-libMatch1_beta11
OR
xinexine-libMatch1_beta12

Related

cvelist 1
prion 1
nvd 1
debiancve 1
ubuntucve 2
nessus 7
openvas 10
ubuntu 1
gentoo 1
cvelist
cvelist
CVE-2008-5246
2008-11-26 01:00:00
prion
prion
Heap overflow
2008-11-26 01:30:00
nvd
nvd
CVE-2008-5246
2008-11-26 01:30:00
debiancve
debiancve
CVE-2008-5246
2008-11-26 01:30:00
ubuntucve
ubuntucve
CVE-2008-5246
2008-11-26 00:00:00
CVE-2008-5234
2008-11-26 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : xine-lib (MDVSA-2009:020)
2009-04-23 00:00:00
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : xine-lib vulnerabilities (USN-710-1)
2009-04-23 00:00:00
Mandriva Linux Security Advisory : xine-lib (MDVSA-2009:319)
2009-12-07 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:020 (xine-lib)
2009-01-26 00:00:00
Mandrake Security Advisory MDVSA-2009:020 (xine-lib)
2009-01-26 00:00:00
Mandriva Security Advisory MDVSA-2009:319 (xine-lib)
2009-12-10 00:00:00
ubuntu
ubuntu
xine-lib vulnerabilities
2009-01-26 00:00:00
gentoo
gentoo
xine-lib: User-assisted execution of arbitrary code
2010-06-01 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.107 Low

EPSS

Percentile

95.1%

JSON
Related for CVE-2008-5246
cvelist1prion1nvd1debiancve1ubuntucve2nessus7openvas10ubuntu1gentoo1