Ubuntu
xine-lib package

[xine-lib] [CVE-2008-1161] DoS vulnerability and possible arbitrary code execution

Bug #203474 reported by disabled.user on 2008-03-18

This bug report is a duplicate of: Bug #210163: [xine-lib] [DSA-1536-1] several vulnerabilities. Edit Remove

254

Affects		Status	Importance	Assigned to	Milestone
	xine-lib (Ubuntu)	New	Undecided	Unassigned

Bug Description

Binary package hint: libxine1

References:
SUSE-SR:2008:006

Quoting CVE-2008-1161:
"Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib before 1.1.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code or via a Matroska file with invalid frame sizes."

CVE References

2008-1161

Revision history for this message

disabled.user (disabled.user-deactivatedaccount) wrote on 2008-04-01:

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuxine-lib package