Upstream information

CVE-2006-2802 at MITRE

Description

Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 5
Vector AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entries: 180850 [RESOLVED / FIXED], 222892 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
Novell Linux Desktop 9 for x86
SLES SDK 9 for IBM S/390 and IBM zSeries
SLES SDK 9 for x86
  • xine-lib >= 0.99.rc3a-106.29
sles9-nld.x86
core9.s390
sles9-nld.x86-64
core9.ia64
core9.ppc
YOU Patch Nr: 11049
Novell Linux Desktop 9 for x86_64
SLES SDK 9 for X86-64
  • xine-lib >= 0.99.rc3a-106.29
  • xine-lib-32bit >= 9-200606081412
sles9-nld.x86
core9.s390
sles9-nld.x86-64
core9.ia64
core9.ppc
YOU Patch Nr: 11049
SLES SDK 9 for IPF
  • xine-lib >= 0.99.rc3a-106.29
  • xine-lib-x86 >= 9-200606081353
sles9-nld.x86
core9.s390
sles9-nld.x86-64
core9.ia64
core9.ppc
YOU Patch Nr: 11049
SLES SDK 9 for IBM iSeries and IBM pSeries
  • xine-lib >= 0.99.rc3a-106.29
  • xine-lib-64bit >= 9-200606081227
sles9-nld.x86
core9.s390
sles9-nld.x86-64
core9.ia64
core9.ppc
YOU Patch Nr: 11049
SLES SDK 9 for IBM zSeries
  • xine-lib >= 0.99.rc3a-106.29
  • xine-lib-32bit >= 9-200606081109
sles9-nld.x86
core9.s390
sles9-nld.x86-64
core9.ia64
core9.ppc
YOU Patch Nr: 11049
SUSE LINUX 10.0
  • xine-lib >= 1.1.0-12.5
  • xine-lib-32bit >= 1.1.0-12.5
  • xine-lib-64bit >= 1.1.0-12.5
SUSE LINUX 10.1
  • xine-lib >= 1.1.1-24.6
  • xine-lib-32bit >= 1.1.1-24.6
  • xine-lib-64bit >= 1.1.1-24.6
SUSE LINUX 9.1 for IA32
  • xine-lib >= 0.99.rc3a-106.29
SUSE LINUX 9.1 for x86-64
  • xine-lib >= 0.99.rc3a-106.29
  • xine-lib-32bit >= 9.1-200606132212
SUSE LINUX 9.2
  • xine-lib >= 0.99.rc6a-4.9
  • xine-lib-32bit >= 9.2-200606132154
SUSE LINUX 9.3
  • xine-lib >= 1.0-10.7
  • xine-lib-32bit >= 9.3-7.3