Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2008-0225
HistoryJan 10, 2008 - 12:00 a.m.

CVE-2008-0225

2008-01-1000:00:00
ubuntu.com
ubuntu.com
7

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.099 Low

EPSS

Percentile

94.9%

JSON

Heap-based buffer overflow in the rmff_dump_cont function in
input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers
to execute arbitrary code via the SDP Abstract attribute in an RTSP
session, related to the rmff_dump_header function and related to
disregarding the max field. NOTE: some of these details are obtained from
third party information.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchmplayer< 2:0.99+1.0pre7try2+cvs20060117-0ubuntu8.2UNKNOWN
ubuntu6.10noarchmplayer< 2:0.99+1.0pre8-0ubuntu8.3UNKNOWN
ubuntu7.04noarchmplayer< 2:1.0~rc1-0ubuntu9.3UNKNOWN
ubuntu7.10noarchmplayer< 2:1.0~rc1-0ubuntu13.2UNKNOWN
ubuntu6.06noarchxine-lib< 1.1.1+ubuntu2-7.9UNKNOWN
ubuntu7.04noarchxine-lib< 1.1.4-2ubuntu3.1UNKNOWN
ubuntu7.10noarchxine-lib< 1.1.7-1ubuntu1.3UNKNOWN

Related

nessus 10
openvas 14
fedora 1
securityvulns 3
nvd 2
freebsd 1
cve 2
prion 2
cvelist 2
debian 1
ubuntucve 1
gentoo 1
ubuntu 1
nessus
nessus
openSUSE 10 Security Update : xine-devel (xine-devel-4916)
2008-01-27 00:00:00
openSUSE 10 Security Update : xine-devel (xine-devel-4917)
2008-01-27 00:00:00
FreeBSD : libxine -- buffer overflow vulnerability (02eedd3c-c6b5-11dc-93b6-000e35248ad7)
2008-01-21 00:00:00
openvas
openvas
Debian Security Advisory DSA 1472-1 (xine-lib)
2008-01-31 00:00:00
FreeBSD Ports: libxine
2008-09-04 00:00:00
Debian: Security Advisory (DSA-1472-1)
2008-01-31 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: xine-lib-1.1.9.1-1.fc8
2008-01-15 23:11:44
securityvulns
securityvulns
[SECURITY] [DSA 1472-1] New xine-lib packages fix arbitrary code execution
2008-01-21 00:00:00
Xine / MPlayer / VLC buffer overflow
2008-03-25 00:00:00
Mplayer / Xine multiple security vulnerabilities
2008-02-16 00:00:00
nvd
nvd
CVE-2008-0225
2008-01-10 23:46:00
CVE-2008-0238
2008-01-11 21:46:00
freebsd
freebsd
libxine -- buffer overflow vulnerability
2008-01-08 00:00:00
cve
cve
CVE-2008-0225
2008-01-10 23:46:00
CVE-2008-0238
2008-01-11 21:46:00
prion
prion
Heap overflow
2008-01-10 23:46:00
Heap overflow
2008-01-11 21:46:00
cvelist
cvelist
CVE-2008-0225
2008-01-10 23:00:00
CVE-2008-0238
2008-01-11 21:00:00
debian
debian
[SECURITY] [DSA 1472-1] New xine-lib packages fix arbitrary code execution
2008-01-21 18:26:55
ubuntucve
ubuntucve
CVE-2008-0238
2008-01-11 00:00:00
gentoo
gentoo
xine-lib: User-assisted execution of arbitrary code
2008-01-27 00:00:00
ubuntu
ubuntu
xine-lib vulnerabilities
2008-08-06 00:00:00

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.099 Low

EPSS

Percentile

94.9%

JSON
Related for UB:CVE-2008-0225
nessus10openvas14fedora1securityvulns3nvd2freebsd1cve2prion2cvelist2debian1ubuntucve1gentoo1ubuntu1