Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format string specifiers.
| Software | From | Fixed in |
|---|---|---|
| xine / gxine | 0.41 | 0.41.x |
| xine / gxine | 0.42 | 0.42.x |
| xine / gxine | 0.43 | 0.43.x |
| xine / gxine | 0.44 | 0.44.x |