Xine-Lib HTTP Response Buffer Overflow Vulnerability

The xine-lib library is susceptible to a buffer-overflow vulnerability. This issue is due to the software's failure to properly bounds-check user-supplied input data before copying it to an insufficiently sized memory buffer.

Successful exploits allow remote attackers to execute arbitrary machine code in the context of application using the affected library.

Versions of xine-lib greater than or equal to 1.0.1 are potentially affected by this issue, but information on specific affected versions is not currently available. Applications that use a vulnerable version of the library may also be affected. Version 0.5.6 of gxine is reportedly vulnerable to this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus