CVE-2008-0073
EPSS 1.8%xine-lib - multiple vulnerabilities
發布日:2008/3/24修改日:2026/4/28
描述
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
受影響套件(3)
- Debian/vlcfrom 0, < 0.8.6.e-2
- Debian/vlcfrom 0, < 0.8.6.c-6+lenny3
- Debian/xine-libfrom 0, < 1.1.10.1-2+lenny2