xine-lib Multiple Remote Integer Overflow Vulnerabilities
| Release Date: | 21/03/2008 | Severity: | Highly Critical |
| SecWatch Advisory: | SWID1020718 | Cause: | Not specified |
| Solution Status: | Unpatched | Impact: | Denial of service, Execution of arbitrary code |
| Exploit Status: | Exploit Available | Access Vector: | From remote |
| Affected Software: | xine-lib 1.x | | |
Description:
Multiple vulnerabilities in xine-lib have been reported, which can be exploited by remote users to potentially compromise a user's system.
Integer overflow errors exist when handling overly large fields included in FLV, MOV, RM, MVE, MKV and CAK files within src/demuxers/demux_flv.c, src/demuxers/demux_qt.c, src/demuxers/demux_real.c, src/demuxers/demux_wc3movie.c, src/demuxers/ebml.c and src/demuxers/demux_film.c. These can be exploited to cause heap-based buffer overflows and potentially execute arbitrary code.
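The bug class described above, as an added example that is not xine-lib code: a file-supplied count is used to size a heap buffer, and the arithmetic wraps. The index layout, `entry_t`, `parse_index` and the sample bytes are constructed for illustration; the hardened parser bounds the field by the bytes actually present before allocating.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical on-disk index: 4-byte big-endian count, then `count` 8-byte
 * entries. The layout is an assumption, not a format parsed by xine-lib. */
typedef struct { uint32_t offset, size; } entry_t;

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Size as the unchecked pattern computes it: 32-bit arithmetic on an
 * untrusted count wraps, so a huge count yields a tiny allocation. */
uint32_t unchecked_alloc_size(uint32_t count) {
    return count * (uint32_t)sizeof(entry_t);
}

/* Hardened parse: returns 0 and fills *out and *n, or -1 if the header is
 * rejected. The caller frees *out. */
int parse_index(const uint8_t *buf, size_t len, entry_t **out, uint32_t *n) {
    if (len < 4) return -1;
    uint32_t count = be32(buf);
    /* Bound the field by the input that is really there, before sizing. */
    if (count > (len - 4) / 8) return -1;
    /* calloc performs its own overflow check on count * size. */
    entry_t *e = calloc(count ? count : 1, sizeof *e);
    if (!e) return -1;
    for (uint32_t i = 0; i < count; i++) {
        const uint8_t *p = buf + 4 + (size_t)i * 8;
        e[i].offset = be32(p);
        e[i].size   = be32(p + 4);
    }
    *out = e;
    *n = count;
    return 0;
}

/* Constructed samples: one honest header, one with an oversized count. */
static const uint8_t SAMPLE_OK[]   = {0, 0, 0, 1,    0, 0, 0, 0x10, 0, 0, 0, 0x20};
static const uint8_t SAMPLE_HUGE[] = {0x20, 0, 0, 1, 0, 0, 0, 0x10, 0, 0, 0, 0x20};

int main(void) {
    entry_t *e = NULL; uint32_t n = 0;
    printf("wrapped size: %u bytes\n", unchecked_alloc_size(be32(SAMPLE_HUGE)));
    printf("huge: %d\n", parse_index(SAMPLE_HUGE, sizeof SAMPLE_HUGE, &e, &n));
    printf("ok:   %d\n", parse_index(SAMPLE_OK, sizeof SAMPLE_OK, &e, &n));
    free(e);
    return 0;
}
```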
Affected:
xine-lib version 1.1.11. Other versions may also be affected.
Proof of Concept:
Demonstration exploit code is available:
http://secwatch.org/exploits/2008/03/xinehof.zip.info
Solution:
There was no vendor-supplied solution at the time of entry.
Credits: