Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) crafted width and height values that are not validated by the mymng_process_header function in demux_mng.c before use in an allocation calculation or (2) crafted current_atom_size and string_size values processed by the parse_reference_atom function in demux_qt.c for an RDRF_ATOM string.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
xine xine-lib库多个拒绝服务攻击漏洞
Vulnerability Description
xine是一款免费的媒体播放器,支持多种格式。 xine-lib库在解析畸形媒体文件时存在多个缓冲区溢出漏洞,允许远程攻击者造成拒绝服务攻击从而执行任意代码.包括(1)demux_mng.c中mymng_process_header方法中特定无效长宽值(2)demux_qt.c的RDRF_ATOM字节中parse_reference_atom方法特定urrent_atom_size和string_size参数值.
CVSS Information
N/A
Vulnerability Type
N/A