Info

Disclosure

Dec 16, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A local overflow exists in xine. xine fails to check the boundary of "open_aiff_file()" function, resulting in a buffer overflow. With a specially crafted multimedia file, an attacker can read and write arbitrary files or watch the programs, resulting in a loss of confidentiality and integrity.

Classification

Location: Local Access Required
Attack Type: Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

xine.org

xine-lib

1-rc7

References

Secunia Advisory ID: 13502 13739 13883 13926
ISS X-Force ID: 18611
CVE ID: 2004-1300 (see also: NVD)
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-12/0195.html
http://archives.neohapsis.com/archives/bugtraq/2004-12/0437.html
Other Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000919
http://security.gentoo.org/glsa/glsa-200501-07.xml
http://tigger.uic.edu/~jlongs2/holes/xine-lib.txt
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:011
Vendor URL: http://xinehq.de/

Credit

Ariel Berkman -

Direct URL: http://osvdb.org/36218