FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libxine -- buffer-overflow vulnerability in aiff support

Affected packages
libxine <= 1.0.r5_3

Details

VuXML ID 64c8cc2a-59b1-11d9-8a99-000c6e8f12ef
Discovery 2004-12-15
Entry 2004-12-29
Modified 2005-01-12

Due to a buffer overflow in the open_aiff_file function in demux_aiff.c, a remote attacker is able to execute arbitrary code via a modified AIFF file.

References

CVE Name CVE-2004-1300
URL http://tigger.uic.edu/~jlongs2/holes/xine-lib.txt
URL http://xinehq.de/index.php/security/XSA-2004-7

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.