VDB
CVE-2008-0225
CVE-2008-0225
PUBLISHED
CVSS 6.400000095367432 MEDIUM
Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmff_dump_header function and related to disregarding the max field. NOTE: some of these details are obtained from third party information.
EPSS 8.35% · 92.4th percentile
Risk Scores
CVSS 2.0
6.400000095367432
EPSS Score
8.35%
92.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| xine | xine-lib | 0 |
Timeline
- Jan 10, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- http://aluigi.altervista.org/adv/xinermffhof-adv.txt url
- SUSE-SR:2008:002 vendor-advisory
- ADV-2008-0163 vdb
- MDVSA-2008:045 vendor-advisory
- 28955 third-party-advisory
- GLSA-200801-12 vendor-advisory
- 28489 third-party-advisory
- 28507 third-party-advisory
- 31393 third-party-advisory
- DSA-1472 vendor-advisory
- http://bugs.gentoo.org/show_bug.cgi?id=205197 url
- FEDORA-2008-0718 vendor-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=428620 url
- 28384 third-party-advisory
- http://sourceforge.net/project/shownotes.php?release_id=567872 url
- 28636 third-party-advisory
- 27198 vdb
- 28674 third-party-advisory
- USN-635-1 vendor-advisory
- MDVSA-2008:020 vendor-advisory
…and 1 more