Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for (1) the MATROSKA_ID_TR_CODECPRIVATE track entry element processed by demux_matroska.c; and (2) PROP_TAG, (3) MDPR_TAG, and (4) CONT_TAG chunks processed by the real_parse_headers function in demux_real.c; which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) or possibly execute arbitrary code via a crafted value.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
xine xine-lib库文件多个拒绝服务攻击漏洞
Vulnerability Description
xine是一款免费的媒体播放器,支持多种格式。 xine-lib库依靠装入不可信的内存分配定义值和未检查相应的结果如(1)demux_matroska.c中MATROSKA_ID_TR_CODECPRIVATE跟踪元件计算(2) PROP_TAG(3) MDPR_TAG(4) demux_real.c的real_parse_headers方法中大量CONT_TAG的计算,将允许远程攻击者造成拒绝服务攻击(空指针或崩溃),从而执行任意代码.
CVSS Information
N/A
Vulnerability Type
N/A