VDB
CVE-2008-0073
CVE-2008-0073
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
EPSS 1.77% · 83.0th percentile
Risk Scores
CVSS v2.0
6.800000190734863
EPSS Score
1.77%
83.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| xine | xine-lib | 1.1.10.1 |
Timeline
- Mar 24, 2008 CVE Published
- Mar 25, 2008 PoC Published
- Apr 25, 2008 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 24, 2023 EPSS Score
References
- http://secunia.com/secunia_research/2008-10/ url
- DSA-1543 vendor-advisory
- GLSA-200808-01 vendor-advisory
- SSA:2008-089-03 vendor-advisory
- 28312 vdb
- xinelib-sdpplinparse-bo(41339) vdb
- http://www.videolan.org/security/sa0803.php url
- FEDORA-2008-2945 vendor-advisory
- SUSE-SR:2008:012 vendor-advisory
- 29392 third-party-advisory
- FEDORA-2008-2569 vendor-advisory
- http://sourceforge.net/project/shownotes.php?release_id=585488&group_id=9655 url
- 28694 third-party-advisory
- 29740 third-party-advisory
- GLSA-200804-25 vendor-advisory
- 31393 third-party-advisory
- SUSE-SR:2008:007 vendor-advisory
- http://xinehq.de/index.php/news url
- 29601 third-party-advisory
- MDVSA-2008:178 vendor-advisory
…and 16 more