ReportizFlow
Filtered by vendor Xine
Subscriptions
Total
50 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2230 | 1 Xine | 1 Xine | 2025-04-03 | N/A |
| Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack vectors involve a user-assisted, local command line argument of a non-setuid program, this issue might not be a vulnerability. | ||||
| CVE-2004-1034 | 3 Gentoo, Kaffeine, Xine | 3 Linux, Kaffeine Player, Gxine | 2025-04-03 | N/A |
| Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file. | ||||
| CVE-2004-1187 | 3 Mandrakesoft, Mplayer, Xine | 4 Mandrake Linux, Mplayer, Xine and 1 more | 2025-04-03 | N/A |
| Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188. | ||||
| CVE-2005-1692 | 1 Xine | 1 Gxine | 2025-04-03 | N/A |
| Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format string specifiers. | ||||
| CVE-2004-1300 | 1 Xine | 1 Xine-lib | 2025-04-03 | N/A |
| Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (libxine) 1-rc7 allows remote attackers to execute arbitrary code via a crafted AIFF file. | ||||
| CVE-2006-1905 | 1 Xine | 1 Xine | 2025-04-03 | N/A |
| Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file. | ||||
| CVE-2006-1664 | 1 Xine | 1 Xine-lib | 2025-04-03 | N/A |
| Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as distributed in xine-lib 1.1.1 and earlier, allows remote attackers to execute arbitrary code via a crafted MPEG stream. | ||||
| CVE-2004-0372 | 1 Xine | 1 Xine | 2025-04-03 | N/A |
| xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts. | ||||
| CVE-2005-2967 | 1 Xine | 1 Xine-lib | 2025-04-03 | N/A |
| Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD. | ||||
| CVE-2004-1455 | 1 Xine | 1 Xine-lib | 2025-04-03 | N/A |
| Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and earlier allows remote attackers to execute arbitrary code via crafted playlists that result in a long vcd:// URL. | ||||