CVE-2008-0073

EPSS 1.8%

xine-lib - multiple vulnerabilities

Published: 3/24/2008Modified: 4/28/2026

Also known as:DEBIAN-CVE-2008-0073

Description

Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.

Affected packages (3)

Debian/vlcfrom 0, < 0.8.6.e-2
Debian/vlcfrom 0, < 0.8.6.c-6+lenny3
Debian/xine-libfrom 0, < 1.1.10.1-2+lenny2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-0073