FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libxine -- DVD subpicture decoder heap overflow

Affected packages
libxine < 1.0.r6

Details

VuXML ID 131bd7c4-64a3-11d9-829a-000a95bc6fae
Discovery 2004-09-06
Entry 2005-01-12
Modified 2005-01-19

A xine security announcement states:

A heap overflow has been found in the DVD subpicture decoder of xine-lib. This can be used for a remote heap overflow exploit, which can, on some systems, lead to or help in executing malicious code with the permissions of the user running a xine-lib based media application.

References

CVE Name CVE-2004-1379
URL http://xinehq.de/index.php/security/XSA-2004-5