VDB

CVE-2006-2230

CVE-2006-2230 PUBLISHED CVSS 5 MEDIUM

Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack vectors involve a user-assisted, local command line argument of a non-setuid program, this issue might not be a vulnerability.

EPSS 1.20% · 79.3th percentile

Risk Scores

CVSS 2.0
5
EPSS Score
1.20%
79.3th percentile

Affected Products

VendorProductVersions
n/an/an/a
xinexine0.99.4

Timeline

  • May 5, 2006 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 1, 2022 CVE Updated
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 3, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›