Launchpad.net

CVE 2008-1878

Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title.

Related bugs and status

CVE-2008-1878 (Candidate) is related to these bugs:

Bug #93076: Xine bug with Motion JPEG codec.

		In	Importance	Status
93076	Xine bug with Motion JPEG codec.	xine-lib (Ubuntu)	Undecided	Fix Released
93076	Xine bug with Motion JPEG codec.	xine-lib (Baltix)	Undecided	New
93076	Xine bug with Motion JPEG codec.	xine-lib	Medium	Fix Released

Bug #218652: CVE-2008-1686: Multiple speex implementations insufficient boundary checks

		In	Importance	Status
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	speex (Ubuntu)	Undecided	Invalid
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libfishsound (Ubuntu)	Undecided	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libannodex (Ubuntu)	Undecided	Invalid
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	gst-plugins-good0.10 (Ubuntu)	Undecided	Invalid
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libsdl-sound1.2 (Ubuntu)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	sweep (Ubuntu)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	vorbis-tools (Ubuntu)	Undecided	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	vlc (Ubuntu)	Undecided	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	xine-lib (Ubuntu)	Undecided	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	xmms-speex (Ubuntu)	Undecided	Invalid
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	gst-plugins-good0.10 (Ubuntu Dapper)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libannodex (Ubuntu Dapper)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libfishsound (Ubuntu Dapper)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libsdl-sound1.2 (Ubuntu Dapper)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	speex (Ubuntu Dapper)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	sweep (Ubuntu Dapper)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	vlc (Ubuntu Dapper)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	vorbis-tools (Ubuntu Dapper)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	xine-lib (Ubuntu Dapper)	Undecided	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	xmms-speex (Ubuntu Dapper)	Undecided	Invalid
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	gst-plugins-good0.10 (Ubuntu Feisty)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libannodex (Ubuntu Feisty)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libfishsound (Ubuntu Feisty)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libsdl-sound1.2 (Ubuntu Feisty)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	speex (Ubuntu Feisty)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	sweep (Ubuntu Feisty)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	vlc (Ubuntu Feisty)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	vorbis-tools (Ubuntu Feisty)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	xine-lib (Ubuntu Feisty)	Undecided	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	xmms-speex (Ubuntu Feisty)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	gst-plugins-good0.10 (Ubuntu Hardy)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libannodex (Ubuntu Hardy)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libfishsound (Ubuntu Hardy)	Undecided	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libsdl-sound1.2 (Ubuntu Hardy)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	speex (Ubuntu Hardy)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	sweep (Ubuntu Hardy)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	vlc (Ubuntu Hardy)	Undecided	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	vorbis-tools (Ubuntu Hardy)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	xine-lib (Ubuntu Hardy)	Undecided	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	xmms-speex (Ubuntu Hardy)	Undecided	Invalid
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	gst-plugins-good0.10 (Ubuntu Gutsy)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libannodex (Ubuntu Gutsy)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libfishsound (Ubuntu Gutsy)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	libsdl-sound1.2 (Ubuntu Gutsy)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	speex (Ubuntu Gutsy)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	sweep (Ubuntu Gutsy)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	vlc (Ubuntu Gutsy)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	vorbis-tools (Ubuntu Gutsy)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	xine-lib (Ubuntu Gutsy)	Undecided	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	xmms-speex (Ubuntu Gutsy)	Undecided	Won't Fix
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	speex (Gentoo Linux)	Medium	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	speex (Fedora)	High	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	vorbis-tools	Unknown	Fix Released
218652	CVE-2008-1686: Multiple speex implementations insufficient boundary checks	xine-lib	High	Fix Released

Bug #235904: [CVE-2008-1878] Inadequate bounds checking in the NES Sound Format (NSF) demuxer

Summary				In	Importance	Status
	235904	[CVE-2008-1878] Inadequate bounds checking in the NES Sound Format (NSF) demuxer		xine-lib (Ubuntu)	Undecided	Fix Released
	235904	[CVE-2008-1878] Inadequate bounds checking in the NES Sound Format (NSF) demuxer		xine-lib (Baltix)	Undecided	New

Bug #922668: Sync xine-lib-1.2 1.2.0-5 (universe) from Debian unstable (main)

Summary				In	Importance	Status
	922668	Sync xine-lib-1.2 1.2.0-5 (universe) from Debian unstable (main)		xine-lib-1.2 (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

BID: 28816
SECUNIA: 29850
FEDORA: FEDORA-2008-3326
FEDORA: FEDORA-2008-3353
SECUNIA: 30021
SUSE: SUSE-SR:2008:012
SECUNIA: 30581
GENTOO: GLSA-200808-01
MANDRIVA: MDVSA-2008:177
MANDRIVA: MDVSA-2008:178
UBUNTU: USN-635-1
SECUNIA: 31372
SECUNIA: 31393
DEBIAN: DSA-1586
SECUNIA: 30337
VUPEN: ADV-2008-1247
XF: xinelib-demuxnsfsendch...
EXPLOIT-DB: 5458