CVE-2006-1664: Malformed MPEG Stream Buffer Overflow Vulnerability
Bug #41447 reported by
Reinhard Tartler
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
xine-lib (Debian) |
Fix Released
|
Unknown
|
|||
xine-lib (Ubuntu) |
Invalid
|
High
|
Martin Pitt |
Bug Description
According to CVE-2006-1664, there is a "buffer overflow in
xine_list_
in xine-lib 1.1.1 and earlier, allows remote attackers to execute
arbitrary code via a crafted MPEG stream."
CVE References
Changed in xine-lib: | |
assignee: | nobody → pitti |
Changed in xine-lib: | |
status: | Unconfirmed → Fix Released |
To post a comment you must log in.
Security-related, so it should be major. Also note that the upstream bug number is wrong. It's #363127, not #363127. The correct link is http:// bugs.debian. org/cgi- bin/bugreport. cgi?bug= 363127.