Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

xine-lib Multiple Vulnerabilities (Aug-08)

Information

Severity

Severity

Critical

Family

Family

Buffer overflow

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

14 years ago

Modified

Modified

3 years ago

Summary

The host has xine-lib installed, which prone to multiple vulnerabilities.

Insight

Insight

The flaws are due to overflow errors that exist in open_ra_file() in demux_realaudio.c, parse_block_group() in demux_matroska.c, and real_parse_audio_specific_data() in demux_real.c methods.

Affected Software

Affected Software

xine-lib versions 1.1.15 and prior on Linux (All).

Solution

Solution

Update to version 1.1.16.1 or later.

Common Vulnerabilities and Exposures (CVE)