CVE-2005-1195
Novell Linux Desktop 9 for x86,Novell Linux Desktop 9 for x86_64,SLES SDK 9 for IBM S/390 and IBM zSeries,SLES SDK 9 for IBM iSeries and IBM pSeries,SLES SDK 9 for IBM zSeries,SLES SDK 9 for IPF,SLES SDK 9 for X86-64,SLES SDK 9 for x86,SuSE Linux Desktop 1.0
CVE-2005-1195, security advisory, novell, suse linux, suse, security, cve

CVE-2005-1195

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2005-1195 at MITRE

Description

Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.48
Vector AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entries: 78960, 80217 [RESOLVED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
SLES SDK 9 for IBM S/390 and IBM zSeries
SLES SDK 9 for x86
  • xine-lib >= 0.99.rc3a-106.21
core9.s390
core9.ppc
core9.ia64
core9.s390x
core9.x86
core9.x86-64
YOU Patch Nr: 10026
SLES SDK 9 for IPF
  • xine-lib >= 0.99.rc3a-106.21
  • xine-lib-x86 >= 9-200504222050
core9.s390
core9.ppc
core9.ia64
core9.s390x
core9.x86
core9.x86-64
YOU Patch Nr: 10026
SLES SDK 9 for IBM iSeries and IBM pSeries
  • xine-lib >= 0.99.rc3a-106.21
  • xine-lib-64bit >= 9-200504222125
core9.s390
core9.ppc
core9.ia64
core9.s390x
core9.x86
core9.x86-64
YOU Patch Nr: 10026
SLES SDK 9 for IBM zSeries
  • xine-lib >= 0.99.rc3a-106.21
  • xine-lib-32bit >= 9-200504222208
core9.s390
core9.ppc
core9.ia64
core9.s390x
core9.x86
core9.x86-64
YOU Patch Nr: 10026
SLES SDK 9 for X86-64
  • xine-lib >= 0.99.rc3a-106.21
  • xine-lib-32bit >= 9-200504222104
core9.s390
core9.ppc
core9.ia64
core9.s390x
core9.x86
core9.x86-64
YOU Patch Nr: 10026
SuSE Linux Desktop 1.0
  • MPlayer >= 0.90rc4-266
Builds