CVE-2004-1188

4 documents4 sources

Severity

10.0CRITICAL

EPSS

0.5%

top 34.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mandrakesoft Mandrake Linux Mplayer Mplayer Xine Xine +1 more

Timeline

PublishedJan 10

Latest updateApr 29

Description

The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages4 packages

▶NVDxine/xine29 versions+28

▶NVDxine/xine-lib28 versions+27

▶NVDmplayer/mplayer17 versions+16

▶NVDmandrakesoft/mandrake_linux10.0, 10.1+1

Patches

Patch: www.idefense.com ↗Patch: www.idefense.com ↗

🔴Vulnerability Details

GHSA

GHSA-4x57-68g7-9v3f: The pnm_get_chunk function in xine 0↗2022-04-29

▶

CVEList

CVE-2004-1188: The pnm_get_chunk function in xine 0↗2004-12-22

▶

📋Vendor Advisories

Debian

CVE-2004-1188: mplayer - The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such a...↗2004

▶