DescriptionHeap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmff_dump_header function and related to disregarding the max field. NOTE: some of these details are obtained from third party information.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SR:2008:002, published Fri, 25 Jan 2008 16:00:00 +0000
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Linux Enterprise Desktop 11 SP4 |
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
| ||Patchnames: |
SUSE Linux Enterprise Software Development Kit 11 SP4 GA libxine-devel-1.1.15-23.3.9
SUSE Timeline for this CVECVE page created: Fri Jun 28 02:27:41 2013
CVE page last modified: Fri Oct 7 12:45:40 2022