Total vulnerabilities in the database
Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) crafted width and height values that are not validated by the mymng_process_header function in demux_mng.c before use in an allocation calculation or (2) crafted current_atom_size and string_size values processed by the parse_reference_atom function in demux_qt.c for an RDRF_ATOM string.
| Software | From | Fixed in |
|---|---|---|
| xine / xine | 1-beta3 | 1-beta3.x |
| xine / xine | 1-rc0a | 1-rc0a.x |
| xine / xine | 1-beta6 | 1-beta6.x |
| xine / xine | 1.1.10.1 | 1.1.10.1.x |
| xine / xine | 1.0.1 | 1.0.1.x |
| xine / xine | 1-rc1 | 1-rc1.x |
| xine / xine | 1-rc6a | 1-rc6a.x |
| xine / xine | 1-beta4 | 1-beta4.x |
| xine / xine | 1-rc8 | 1-rc8.x |
| xine / xine | 1.1.0 | 1.1.0.x |
| xine / xine | 1-rc5 | 1-rc5.x |
| xine / xine | 1.1.1 | 1.1.1.x |
| xine / xine | 1-beta7 | 1-beta7.x |
| xine / xine | 1.0.3a | 1.0.3a.x |
| xine / xine | 1.1.3 | 1.1.3.x |
| xine / xine | 1.0.2 | 1.0.2.x |
| xine / xine | 1-beta10 | 1-beta10.x |
| xine / xine | 1-beta1 | 1-beta1.x |
| xine / xine | 1-rc3a | 1-rc3a.x |
| xine / xine | 1.0 | 1.0.x |
| xine / xine | 1-beta8 | 1-beta8.x |
| xine / xine | 1.1.11.1 | 1.1.11.1.x |
| xine / xine | - | 1.1.5.x |
| xine / xine | 0.9.13 | 0.9.13.x |
| xine / xine | 1-beta2 | 1-beta2.x |
| xine / xine | 1-beta9 | 1-beta9.x |
| xine / xine | 1-rc7 | 1-rc7.x |
| xine / xine | 1-rc4 | 1-rc4.x |
| xine / xine | 1.1.11 | 1.1.11.x |
| xine / xine | 1-rc3c | 1-rc3c.x |
| xine / xine | 1.1.2 | 1.1.2.x |
| xine / xine | 1-rc2 | 1-rc2.x |
| xine / xine | 1-rc4a | 1-rc4a.x |
| xine / xine | 1-rc3 | 1-rc3.x |
| xine / xine | 1.1.4 | 1.1.4.x |
| xine / xine | 1-beta5 | 1-beta5.x |
| xine / xine | 1-beta11 | 1-beta11.x |
| xine / xine | 1-beta12 | 1-beta12.x |
| xine / xine | 1-rc3b | 1-rc3b.x |