xine-lib
Page content
- Author: voroskoi
- Vulnerable: 1.1.4-2
- Unaffected: 1.1.4-3terminus1
Some vulnerabilities have been reported in xine-lib, which can potentially be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused due to boundary errors in the “DMO_VideoDecoder_Open()” function in src/libw32dll/dmo/DMO_VideoDecoder.c and in the “DS_VideoDecoder_Open()” function in src/libw32dll/DirectShow/DS_VideoDecoder.c. These can be exploited to cause heap based buffer overflows and may allow execution of arbitrary code via a specially crafted media file.
- Bug Tracker URL: http://bugs.frugalware.org/task/1839