CVE-2004-1455

Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and earlier allows remote attackers to execute arbitrary code via crafted playlists that result in a long vcd:// URL.

CVSS v2.0 5.1 MEDIUM

5.1^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://marc.info/?l=bugtraq&m=109284737628045&w=2
http://open-security.org/advisories/6
http://secunia.com/advisories/12194/
http://www.gentoo.org/security/en/glsa/glsa-200408-18.xml	Patch
http://www.securityfocus.com/bid/10890	Exploit Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/16930
http://marc.info/?l=bugtraq&m=109284737628045&w=2
http://open-security.org/advisories/6
http://secunia.com/advisories/12194/
http://www.gentoo.org/security/en/glsa/glsa-200408-18.xml	Patch
http://www.securityfocus.com/bid/10890	Exploit Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/16930

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:xine:xine-lib:1_beta1:::::::*
	cpe:2.3:a:xine:xine-lib:1_beta2:::::::*
	cpe:2.3:a:xine:xine-lib:1_beta3:::::::*
	cpe:2.3:a:xine:xine-lib:1_beta4:::::::*
	cpe:2.3:a:xine:xine-lib:1_beta5:::::::*
	cpe:2.3:a:xine:xine-lib:1_beta6:::::::*
	cpe:2.3:a:xine:xine-lib:1_beta7:::::::*
	cpe:2.3:a:xine:xine-lib:1_beta8:::::::*
	cpe:2.3:a:xine:xine-lib:1_beta9:::::::*
	cpe:2.3:a:xine:xine-lib:1_beta10:::::::*
	cpe:2.3:a:xine:xine-lib:1_beta11:::::::*
	cpe:2.3:a:xine:xine-lib:1_rc2:::::::*
	cpe:2.3:a:xine:xine-lib:1_rc3a:::::::*
	cpe:2.3:a:xine:xine-lib:1_rc3b:::::::*
	cpe:2.3:a:xine:xine-lib:1_rc3c:::::::*
	cpe:2.3:a:xine:xine-lib:1_rc4:::::::*
	cpe:2.3:a:xine:xine-lib:1_rc5:::::::*
	cpe:2.3:a:xine:xine-lib:1_rc5_r2:::::::*

History

20 Nov 2024, 23:50

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=109284737628045&w=2 -~~	() http://marc.info/?l=bugtraq&m=109284737628045&w=2 -
References	~~() http://open-security.org/advisories/6 -~~	() http://open-security.org/advisories/6 -
References	~~() http://secunia.com/advisories/12194/ -~~	() http://secunia.com/advisories/12194/ -
References	~~() http://www.gentoo.org/security/en/glsa/glsa-200408-18.xml - Patch~~	() http://www.gentoo.org/security/en/glsa/glsa-200408-18.xml - Patch
References	~~() http://www.securityfocus.com/bid/10890 - Exploit, Patch~~	() http://www.securityfocus.com/bid/10890 - Exploit, Patch
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/16930 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/16930 -

Information

Published : 2004-12-31 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2004-1455

Mitre link : CVE-2004-1455

CVE.ORG link : CVE-2004-1455

JSON object : View

Products Affected

xine

xine-lib

CWE

NVD-CWE-Other

5.1 /10