Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD20E23B65-A52E-11E3-AE3A-00224D7C32A2
HistoryFeb 06, 2007 - 12:00 a.m.

xmms -- Integer Overflow And Underflow Vulnerabilities

2007-02-0600:00:00
vuxml.freebsd.org
17

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.282

Percentile

96.9%

JSON

Secunia reports:

Secunia Research has discovered two vulnerabilities in XMMS, which can
be exploited by malicious people to compromise a user’s system.

  1. An integer underflow error exists in the processing of skin bitmap
    images. This can be exploited to cause a stack-based buffer overflow
    via specially crafted skin images containing manipulated header
    information.
    Successful exploitation allows execution of arbitrary code.
  2. An integer overflow error exists in the processing of skin bitmap
    images. This can be exploited to cause memory corruption via specially
    crafted skin images containing manipulated header information.
    Successful exploitation may allow the execution of arbitrary code.
OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchxmms<= 1.2.11_20UNKNOWN

Related

nessus 9
ubuntu 1
openvas 10
securityvulns 2
debian 2
fedora 2
ubuntucve 2
prion 2
cvelist 2
nvd 2
cve 2
nessus
nessus
openSUSE 10 Security Update : xmms (xmms-3073)
2007-10-17 00:00:00
SuSE9 Security Update : XMMS (YOU Patch Number 11483)
2009-09-24 00:00:00
RHEL 4 : xmms (Unpatched Vulnerability)
2024-06-03 00:00:00
ubuntu
ubuntu
XMMS vulnerabilities
2007-03-27 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1277-1)
2008-01-17 00:00:00
SLES9: Security update for XMMS
2009-10-10 00:00:00
SLES9: Security update for XMMS
2009-10-10 00:00:00
securityvulns
securityvulns
Secunia Research: XMMS Integer Overflow and Underflow Vulnerabilities
2007-03-22 00:00:00
XMMS multimedia player multiple integer overflows
2007-03-22 00:00:00
debian
debian
[SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution
2007-04-04 22:04:39
[SECURITY] [DSA 1277-1] New XMMS packages fix arbitrary code execution
2007-04-04 22:04:39
fedora
fedora
[SECURITY] Fedora 15 Update: xmms-1.2.11-15.20071117cvs.fc15
2011-07-26 03:48:00
[SECURITY] Fedora 14 Update: xmms-1.2.11-15.20071117cvs.fc14
2011-07-26 03:30:35
ubuntucve
ubuntucve
CVE-2007-0653
2007-03-21 00:00:00
CVE-2007-0654
2007-03-21 00:00:00
prion
prion
Integer overflow
2007-03-21 22:19:00
Design/Logic Flaw
2007-03-21 22:19:00
cvelist
cvelist
CVE-2007-0653
2007-03-21 22:00:00
CVE-2007-0654
2007-03-21 22:00:00
nvd
nvd
CVE-2007-0653
2007-03-21 22:19:00
CVE-2007-0654
2007-03-21 22:19:00
cve
cve
CVE-2007-0653
2007-03-21 22:19:00
CVE-2007-0654
2007-03-21 22:19:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.282

Percentile

96.9%

JSON
Related for 20E23B65-A52E-11E3-AE3A-00224D7C32A2
nessus9ubuntu1openvas10securityvulns2debian2fedora2ubuntucve2prion2cvelist2nvd2cve2