oss-sec mailing list archives
Re: CVE id request: xine-lib <= 1.1.12 nsf handling
From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 17 Apr 2008 17:20:40 -0400 (EDT)
====================================================== Name: CVE-2008-1878 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1878 Reference: BID:28816 Reference: FRSIRT:ADV-2008-1247 Reference: URL:http://www.frsirt.com/english/advisories/2008/1247/references Reference: MILW0RM:5458 Reference: URL:http://www.milw0rm.com/exploits/5458 Reference: SECUNIA:29850 Reference: URL:http://secunia.com/advisories/29850 Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title.
Current thread:
- CVE id request: xine-lib <= 1.1.12 nsf handling Hanno Böck (Apr 17)
- Re: CVE id request: xine-lib <= 1.1.12 nsf handling Steven M. Christey (Apr 17)