CVE-2008-1110

xine-lib < 1.1.10 - Buffer Overflow in ASF Demuxer

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1110. PoCs published by Federico L. Bossi Bonin.

AI-analyzed exploit summary This Perl script is a proof-of-concept exploit for CVE-2008-1110, targeting a buffer overflow vulnerability in Libxine <= 1.14. It crafts a malicious MPEG file to trigger a segmentation fault, demonstrating the potential for arbitrary code execution.

Description

Buffer overflow in demuxers/demux_asf.c (aka the ASF demuxer) in the xineplug_dmx_asf.so plugin in xine-lib before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted ASF header. NOTE: this issue leads to a crash when an attack uses the CVE-2006-1664 exploit code, but it is different from CVE-2006-1664.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Federico L. Bossi Bonin · perldoslinux

https://www.exploit-db.com/exploits/1641

View Code ZIP pw:eip

This Perl script is a proof-of-concept exploit for CVE-2008-1110, targeting a buffer overflow vulnerability in Libxine <= 1.14. It crafts a malicious MPEG file to trigger a segmentation fault, demonstrating the potential for arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Libxine <= 1.14

No auth needed

Prerequisites: A vulnerable version of Libxine installed on the target system

MITRE ATT&CK