Lucene search
PRIOn knowledge basePRION:CVE-2008-5247HistoryNov 26, 2008 - 1:30 a.m.
Denial of service
2008-11-2601:30:00
PRIOn knowledge base
www.prio-n.com
2
The real_parse_audio_specific_data function in demux_real.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, uses an untrusted height (aka codec_data_length) value as a divisor, which allow remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero value.
References
lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
secunia.com/advisories/31827
securityreason.com/securityalert/4648
www.ocert.org/analysis/2008-008/analysis.txt
www.securityfocus.com/archive/1/495674/100/0/threaded
www.securityfocus.com/bid/30797
www.redhat.com/archives/fedora-package-announce/2008-September/msg00174.html
www.redhat.com/archives/fedora-package-announce/2008-September/msg00385.html
Related
nvd
nvd
CVE-2008-5247
2008-11-26 01:30:00
ubuntucve
ubuntucve
CVE-2008-5247
2008-11-26 00:00:00
cve
cve
CVE-2008-5247
2008-11-26 01:30:00
cvelist
cvelist
CVE-2008-5247
2008-11-26 01:00:00
nessus
nessus
Fedora 9 : xine-lib-1.1.15-1.fc9 (2008-7512)
2008-09-10 00:00:00
Fedora 8 : xine-lib-1.1.15-1.fc8 (2008-7572)
2008-09-10 00:00:00
SuSE 10 Security Update : xine (ZYPP Patch Number 5965)
2011-01-27 00:00:00
gentoo
gentoo
xine-lib: User-assisted execution of arbitrary code
2010-06-01 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201006-04 (xine-lib)
2011-03-09 00:00:00
Gentoo Security Advisory GLSA 201006-04 (xine-lib)
2011-03-09 00:00:00
SuSE Security Summary SUSE-SR:2009:004
2009-02-18 00:00:00