cbcvebase.
CVE-2007-0254
published 2007-01-16

CVE-2007-0254: Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors.

PriorityP337critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
3.49%
87.7th percentile
Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors.

Affected

1 ranges
VendorProductVersion rangeFixed in
debianxine-ui< xine-ui 0.99.4+dfsg+cvs20061111-1 (bookworm)xine-ui 0.99.4+dfsg+cvs20061111-1 (bookworm)

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vendor_debian10.0LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.