CVE-2008-5245
published 2008-11-26CVE-2008-5245: xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly…
PriorityP430critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
1.75%
75.0th percentile
xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c.
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xine | xine-lib | <= 1.1.14 | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.htmlhttp://secunia.com/advisories/31502http://securitytracker.com/id?1020703http://sourceforge.net/project/shownotes.php?release_id=619869http://www.mandriva.com/security/advisories?name=MDVSA-2009:020http://www.securityfocus.com/bid/30698http://www.vupen.com/english/advisories/2008/2382https://exchange.xforce.ibmcloud.com/vulnerabilities/44470http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.htmlhttp://secunia.com/advisories/31502http://securitytracker.com/id?1020703http://sourceforge.net/project/shownotes.php?release_id=619869http://www.mandriva.com/security/advisories?name=MDVSA-2009:020http://www.securityfocus.com/bid/30698http://www.vupen.com/english/advisories/2008/2382https://exchange.xforce.ibmcloud.com/vulnerabilities/44470
2008-11-26
Published