CVE-2008-5248Improper Input Validation in Xine-lib

CWE-20Improper Input Validation5 documents5 sources
Severity
4.3MEDIUMNVD
EPSS
0.6%
top 31.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Xine Xine-lib
Timeline
PublishedNov 26
Latest updateMay 17

Description

xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via "MP3 files with metadata consisting only of separators."

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDxine/xine-lib1.1.15+36

🔴Vulnerability Details

2
GHSA
GHSA-26v7-7j6w-h2wc: xine-lib before 12022-05-17
CVEList
CVE-2008-5248: xine-lib before 12008-11-26

📋Vendor Advisories

2
Ubuntu
xine-lib vulnerabilities2009-01-26
Debian
CVE-2008-5248: vlc - xine-lib before 1.1.15 allows remote attackers to cause a denial of service (cra...2008
CVE-2008-5248 — Improper Input Validation in Xine-lib | cvebase