Lucene search
Ubuntu.comUB:CVE-2008-0073HistoryMar 24, 2008 - 12:00 a.m.
CVE-2008-0073
2008-03-2400:00:00
ubuntu.com
ubuntu.com
12
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.5%
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c
in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code
via a large streamid SDP parameter.
Bugs
- <https://bugs.launchpad.net/ubuntu/+source/xine-lib/+bug/195700>
- <https://bugs.launchpad.net/ubuntu/+source/xine-lib/+bug/204557>
- <https://bugs.launchpad.net/ubuntu/+source/xine-lib/+bug/210163>
Notes
| Author | Note |
|---|---|
| kees | http://www.milw0rm.com/exploits/5307 |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 8.04 | noarch | vlc | <Β 0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.1 | UNKNOWN |
| ubuntu | 8.10 | noarch | vlc | <Β 0.8.6.release.e+zdebian-2.3ubuntu1 | UNKNOWN |
| ubuntu | 9.04 | noarch | vlc | <Β 0.8.6.release.e+zdebian-2.3ubuntu1 | UNKNOWN |
| ubuntu | 9.10 | noarch | vlc | <Β 0.8.6.release.e+zdebian-2.3ubuntu1 | UNKNOWN |
| ubuntu | 10.04 | noarch | vlc | <Β 0.8.6.release.e+zdebian-2.3ubuntu1 | UNKNOWN |
| ubuntu | 10.10 | noarch | vlc | <Β 0.8.6.release.e+zdebian-2.3ubuntu1 | UNKNOWN |
| ubuntu | 11.04 | noarch | vlc | <Β 0.8.6.release.e+zdebian-2.3ubuntu1 | UNKNOWN |
| ubuntu | 11.10 | noarch | vlc | <Β 0.8.6.release.e+zdebian-2.3ubuntu1 | UNKNOWN |
| ubuntu | 6.06 | noarch | xine-lib | <Β 1.1.1+ubuntu2-7.9 | UNKNOWN |
| ubuntu | 7.04 | noarch | xine-lib | <Β 1.1.4-2ubuntu3.1 | UNKNOWN |
Related
nessus
nessus
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / current : xine-lib (SSA:2008-089-03)
2008-03-31 00:00:00
SuSE 10 Security Update : xine (ZYPP Patch Number 5116)
2008-04-01 00:00:00
openSUSE 10 Security Update : xine-devel (xine-devel-5113)
2008-03-31 00:00:00
exploitpack
exploitpack
MPlayer 1.0 rc2 - sdpplin_parse() Array Indexing Buffer Overflow (PoC)
2008-03-25 00:00:00
debiancve
debiancve
CVE-2008-0073
2008-03-24 22:44:00
cve
cve
CVE-2008-0073
2008-03-24 22:44:00
packetstorm
packetstorm
mplayer-overflowpoc.txt
2008-03-26 00:00:00
openvas
openvas
Fedora Update for xine-lib FEDORA-2008-2569
2009-02-16 00:00:00
Fedora Update for xine-lib FEDORA-2008-2569
2009-02-16 00:00:00
Slackware Advisory SSA:2008-089-03 xine-lib
2012-09-11 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: xine-lib-1.1.11-1.fc8
2008-03-21 22:06:16
[SECURITY] Fedora 7 Update: xine-lib-1.1.11.1-1.fc7
2008-04-09 05:18:08
[SECURITY] Fedora 8 Update: xine-lib-1.1.15-1.fc8
2008-09-10 06:45:50
prion
prion
Design/Logic Flaw
2008-03-24 22:44:00
redhatcve
redhatcve
CVE-2008-0073
2019-10-04 21:36:03
securityvulns
securityvulns
[Full-disclosure] CVE-2008-0073 - MPlayer and VLC "sdpplin_parse()" Array Indexing Vulnerability
2008-03-25 00:00:00
Xine / MPlayer / VLC buffer overflow
2008-03-25 00:00:00
cvelist
cvelist
CVE-2008-0073
2008-03-24 22:00:00
seebug
seebug
xine-lib sdpplin_parse()ε½ζ°θΏη¨ζΊ’εΊζΌζ΄
2008-03-21 00:00:00
MPlayer sdpplin_parse() Array Indexing Buffer Overflow Exploit PoC
2008-03-26 00:00:00
slackware
slackware
[slackware-security] xine-lib
2008-03-30 00:05:12
nvd
nvd
CVE-2008-0073
2008-03-24 22:44:00
exploitdb
exploitdb
gentoo
gentoo
xine-lib: User-assisted execution of arbitrary code
2008-08-06 00:00:00
VLC: User-assisted execution of arbitrary code
2008-04-23 00:00:00
osv
osv
xine-lib - several vulnerabilities
2008-03-31 00:00:00
vlc - several vulnerabilities
2008-04-09 00:00:00
debian
debian
[SECURITY] [DSA 1536-1] New libxine packages fix several vulnerabilities
2008-03-31 20:51:58
[SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities
2008-04-09 19:26:06
ubuntu
ubuntu
xine-lib vulnerabilities
2008-08-06 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.5%
Related for UB:CVE-2008-0073