[xine-lib] [CVE-2008-1482] multiple integer overflows in xine-lib 1.1.11 and earlier
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
xine-lib (Ubuntu) |
Invalid
|
Undecided
|
Jamie Strandboge | ||
Bug Description
This bug report is intended for the stable releases. For Hardy, this seems to have been fixed, see Bug#204557.
Quoting CVE-2008-1482:
"Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via (1) a crafted .FLV file, which triggers an overflow in demuxers/
Thank you for taking the time to report this bug and helping to make Ubuntu better. This particular bug has already been reported and is a duplicate of bug 195700, so it is being marked as such. Please look at the other bug report to see if there is any missing information that you can provide, or to see if there is a workaround for the bug. Additionally, any further discussion regarding the bug should occur in the other report. Feel free to continue to report any other bugs you may find.