CVE-2005-1692Use of Externally-Controlled Format String in Gxine

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
2.0%
top 16.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Xine Gxine
Timeline
PublishedMay 24
Latest updateMay 1

Description

Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format string specifiers.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDxine/gxine4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-xf7f-cc8g-g539: Format string vulnerability in gxine 02022-05-01
CVEList
CVE-2005-1692: Format string vulnerability in gxine 02005-05-24
CVE-2005-1692 — Xine Gxine vulnerability | cvebase