CVE-2007-0254
published 2007-01-16CVE-2007-0254: Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors.
PriorityP337critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
3.49%
87.7th percentile
Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | xine-ui | < xine-ui 0.99.4+dfsg+cvs20061111-1 (bookworm) | xine-ui 0.99.4+dfsg+cvs20061111-1 (bookworm) |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vendor_debian10.0LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-862g-ghxh-g8f8: Format string vulnerability in the errors_create_window function in errors
ghsa_unreviewed·2022-05-01
CVE-2007-0254 [HIGH] GHSA-862g-ghxh-g8f8: Format string vulnerability in the errors_create_window function in errors
Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors.
OSV
CVE-2007-0254: Format string vulnerability in the errors_create_window function in errors
osv·2007-01-16·CVSS 10.0
CVE-2007-0254 [CRITICAL] CVE-2007-0254: Format string vulnerability in the errors_create_window function in errors
Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors.
Debian
CVE-2007-0254: xine-ui - Format string vulnerability in the errors_create_window function in errors.c in ...
vendor_debian·2007·CVSS 10.0
CVE-2007-0254 [CRITICAL] CVE-2007-0254: xine-ui - Format string vulnerability in the errors_create_window function in errors.c in ...
Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors.
Scope: local
bookworm: resolved (fixed in 0.99.4+dfsg+cvs20061111-1)
bullseye: resolved (fixed in 0.99.4+dfsg+cvs20061111-1)
forky: resolved (fixed in 0.99.4+dfsg+cvs20061111-1)
sid: resolved (fixed in 0.99.4+dfsg+cvs20061111-1)
trixie: resolved (fixed in 0.99.4+dfsg+cvs20061111-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/31594http://secunia.com/advisories/23709http://secunia.com/advisories/23891http://secunia.com/advisories/23931http://security.gentoo.org/glsa/glsa-200701-18.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:027http://www.mandriva.com/security/advisories?name=MDKSA-2007:154http://www.securityfocus.com/archive/1/456590/100/0/threadedhttp://www.securityfocus.com/bid/22002https://exchange.xforce.ibmcloud.com/vulnerabilities/31505http://osvdb.org/31594http://secunia.com/advisories/23709http://secunia.com/advisories/23891http://secunia.com/advisories/23931http://security.gentoo.org/glsa/glsa-200701-18.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:027http://www.mandriva.com/security/advisories?name=MDKSA-2007:154http://www.securityfocus.com/archive/1/456590/100/0/threadedhttp://www.securityfocus.com/bid/22002https://exchange.xforce.ibmcloud.com/vulnerabilities/31505
2007-01-16
Published