CVE-2008-5235 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2008-5235

Modified

More Info Official Page

Source-cve@mitre.org

Published At-26 Nov, 2008 | 01:30

Updated At-08 Mar, 2011 | 03:14

Heap-based buffer overflow in the demux_real_send_chunk function in src/demuxers/demux_real.c in xine-lib before 1.1.15 allows remote attackers to execute arbitrary code via a crafted Real Media file. NOTE: some of these details are obtained from third party information.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C

Type: Primary

Version: 2.0

Base score: 9.3

Base severity: HIGH

Vector:

AV:N/AC:M/Au:N/C:C/I:C/A:C

CPE Matches

xine>>xine>>Versions up to 1.1.4(inclusive)

cpe:2.3:a:xine:xine:*:*:*:*:*:*:*:*

xine>>xine>>0.9.13

cpe:2.3:a:xine:xine:0.9.13:*:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta1:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta10:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta11:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta12:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta2:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta3:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta4:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta5:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta6:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta7:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta8:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:beta9:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc0a:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc1:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc2:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc3:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc3a:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc3b:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc3c:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc4:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc4a:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc5:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc6a:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc7:*:*:*:*:*:*

cpe:2.3:a:xine:xine:1:rc8:*:*:*:*:*:*

xine>>xine>>1.0

cpe:2.3:a:xine:xine:1.0:*:*:*:*:*:*:*

xine>>xine>>1.0.1

cpe:2.3:a:xine:xine:1.0.1:*:*:*:*:*:*:*

xine>>xine>>1.0.2

cpe:2.3:a:xine:xine:1.0.2:*:*:*:*:*:*:*

xine>>xine>>1.0.3a

cpe:2.3:a:xine:xine:1.0.3a:*:*:*:*:*:*:*

xine>>xine>>1.1.0

cpe:2.3:a:xine:xine:1.1.0:*:*:*:*:*:*:*

xine>>xine>>1.1.1

cpe:2.3:a:xine:xine:1.1.1:*:*:*:*:*:*:*

xine>>xine>>1.1.2

cpe:2.3:a:xine:xine:1.1.2:*:*:*:*:*:*:*

xine>>xine>>1.1.3

cpe:2.3:a:xine:xine:1.1.3:*:*:*:*:*:*:*

xine>>xine>>1.1.10.1

cpe:2.3:a:xine:xine:1.1.10.1:*:*:*:*:*:*:*

xine>>xine>>1.1.11

cpe:2.3:a:xine:xine:1.1.11:*:*:*:*:*:*:*

xine>>xine>>1.1.11.1

cpe:2.3:a:xine:xine:1.1.11.1:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-119	Primary	nvd@nist.gov

CWE ID: CWE-119

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html	cve@mitre.org	N/A
http://secunia.com/advisories/31502	cve@mitre.org	Vendor Advisory
http://securitytracker.com/id?1020703	cve@mitre.org	N/A
http://sourceforge.net/project/shownotes.php?release_id=619869	cve@mitre.org	N/A
http://www.securityfocus.com/bid/30698	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2008/2382	cve@mitre.org	N/A

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/31502

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://securitytracker.com/id?1020703

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://sourceforge.net/project/shownotes.php?release_id=619869

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.securityfocus.com/bid/30698

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.vupen.com/english/advisories/2008/2382

Source: cve@mitre.org

Resource: N/A