Back to search
CVE-2005-2967
Published: Oct 14, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
15044
vdb-entry
x_refsource_BID
17132
third-party-advisory
x_refsource_SECUNIA
MDKSA-2005:180
vendor-advisory
x_refsource_MANDRIVA
17282
third-party-advisory
x_refsource_SECUNIA
17097
third-party-advisory
x_refsource_SECUNIA
19892
vdb-entry
x_refsource_OSVDB
SSA:2005-283-01
vendor-advisory
x_refsource_SLACKWARE
http://xinehq.de/index.php/security/XSA-2005-1
x_refsource_CONFIRM
DSA-863
vendor-advisory
x_refsource_DEBIAN
20051008 xine/gxine CD Player Remote Format String Bug
mailing-list
x_refsource_FULLDISC
SUSE-SR:2005:024
vendor-advisory
x_refsource_SUSE
17111
third-party-advisory
x_refsource_SECUNIA
GLSA-200510-08
vendor-advisory
x_refsource_GENTOO
USN-196-1
vendor-advisory
x_refsource_UBUNTU
17179
third-party-advisory
x_refsource_SECUNIA
17162
third-party-advisory
x_refsource_SECUNIA
17099
third-party-advisory
x_refsource_SECUNIA
xinelib-inputcdda-format-string(22545)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now