CVE-2004-1476
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2004
Last modified:
11/07/2017
Description
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.
Impact
Base Score 2.0
5.10
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:xine:xine:0.9.18:*:*:*:*:*:*:* | ||
| cpe:2.3:a:xine:xine:1_rc2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:xine:xine:1_rc3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:xine:xine:1_rc4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:xine:xine:1_rc5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:xine:xine-lib:0.99:*:*:*:*:*:*:* | ||
| cpe:2.3:a:xine:xine-lib:1_rc2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:xine:xine-lib:1_rc3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:xine:xine-lib:1_rc4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:xine:xine-lib:1_rc5:*:*:*:*:*:*:* | ||
| cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:suse:suse_linux:8.2:*:personal:*:*:*:*:* | ||
| cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:* | ||
| cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page