CVE-2004-1476
xine-lib 1-rc2-1-rc5 - Stack-Based Buffer Overflow via VideoCD Disk Label
Title source: llmDescription
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.
References (5)
Core 5
Core References
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11206
Patch, Vendor Advisory x_refsource_confirm
http://xinehq.de/index.php/security/XSA-2004-4
Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/375485/2004-09-02/2004-09-08/0
Patch, Vendor Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200409-30.xml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17431
Scores
EPSS
0.0205
EPSS Percentile
84.1%
Details
Status
published
Products (16)
suse/suse_linux
8.0
suse/suse_linux
8.1
suse/suse_linux
8.2
suse/suse_linux
9.0 (2 CPE variants)
suse/suse_linux
9.1
suse/suse_linux
9.2
xine/xine
0.9.18
xine/xine
1_rc2
xine/xine
1_rc3
xine/xine
1_rc4
... and 6 more
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026