Back to search
CVE-2006-2230
Published: May 5, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack vectors involve a user-assisted, local command line argument of a non-setuid program, this issue might not be a vulnerability.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20060429 XINE format string bugs when handling non existen file
mailing-list
x_refsource_BUGTRAQ
17769
vdb-entry
x_refsource_BID
xine-mainc-format-string(26216)
vdb-entry
x_refsource_XF
DSA-1093
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now