xine-lib 'rmff_dump_cont()' Remote Heap Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

xine-lib 'rmff_dump_cont()' Remote Heap Buffer Overflow Vulnerability

An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious data stream.

The following proof-of-concept SDP data is available:

a=Abstract:buffer;'QUFBQUFBQUFBQUFBQUFB...40000_of_QUFBQUFB's...FBQUFB'

When decoding 'QUFBQUFB', the portion will be decoded to 'AAAAAA'.