CVE-2009-1274
published 2009-04-08CVE-2009-1274: Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary…
PriorityP336medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
5.06%
91.2th percentile
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | vlc | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
| xine | xine-lib | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_ubuntu7.5HIGH
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7qxw-w45x-p9g9: Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt
ghsa_unreviewed·2022-05-02
CVE-2009-1274 [MEDIUM] CWE-119 GHSA-7qxw-w45x-p9g9: Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow.
Ubuntu
xine-lib vulnerabilities
vendor_ubuntu·2009-04-20·CVSS 7.5
CVE-2009-1274 [HIGH] xine-lib vulnerabilities
Title: xine-lib vulnerabilities
Summary: xine-lib vulnerabilities
It was discovered that the QT demuxer in xine-lib did not correctly handle
a large count value in an STTS atom, resulting in a heap-based buffer
overflow. If a user or automated system were tricked into opening a
specially crafted MOV file, an attacker could execute arbitrary code as the
user invoking the program. (CVE-2009-1274)
USN-746-1 provided updated xine-lib packages to fix multiple security
vulnerabilities. The security patch to fix CVE-2009-0698 was incomplete.
This update corrects the problem.
Original advisory details:
It was discovered that the 4xm demuxer in xine-lib did not correctly
handle a large current_track value in a 4xm file, resulting in an integer
overflow. If a user or automated system were tricke
Debian
CVE-2009-1274: vlc - Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c...
vendor_debian·2009·CVSS 5.0
CVE-2009-1274 [MEDIUM] CVE-2009-1274: vlc - Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c...
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
Red Hat
xine-lib: Quicktime STTS Atom Integer Overflow (TKADV2009-005)
vendor_redhat·CVSS 5.0
CVE-2009-1274 [MEDIUM] CWE-190 xine-lib: Quicktime STTS Atom Integer Overflow (TKADV2009-005)
xine-lib: Quicktime STTS Atom Integer Overflow (TKADV2009-005)
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2009-1274 xine-lib: Quicktime STTS Atom Integer Overflow (TKADV2009-005)
bugzilla·2009-04-09·CVSS 5.0
CVE-2009-1274 [MEDIUM] CVE-2009-1274 xine-lib: Quicktime STTS Atom Integer Overflow (TKADV2009-005)
CVE-2009-1274 xine-lib: Quicktime STTS Atom Integer Overflow (TKADV2009-005)
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-1274 to the following vulnerability:
Integer overflow in the qt_error parse_trak_atom function in
demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote
attackers to execute arbitrary code via a Quicktime movie file with a
large count value in an STTS atom, which triggers a heap-based buffer
overflow.
References:
http://www.trapkit.de/advisories/TKADV2009-005.txt
http://www.securityfocus.com/archive/1/archive/1/502481/100/0/threaded
http://bugs.xine-project.org/show_bug.cgi?id=224
http://sourceforge.net/project/shownotes.php?group_id=9655&release_id=673233
Discussion:
Rawhide already has upstream 1.1.16.3.
---
OK, looks like al
arXiv
DAG-Based Attack and Defense Modeling: Don't Miss the Forest for the Attack Trees
arxiv_fulltext·2013-03-29
DAG-Based Attack and Defense Modeling: Don't Miss the Forest for the Attack Trees
## Abstract
This paper presents the current state of the art on attack and defense
modeling approaches that are based on directed acyclic graphs (DAGs). DAGs
allow for a hierarchical decomposition of complex scenarios into simple, easily
understandable and quantifiable actions. Methods based on threat trees and
Bayesian networks are two well-known approaches to security modeling. However
there exist more than 30 DAG-based methodologies, each having different
features and goals. The objective of this survey is to present a complete
overview of graphical attack and defense modeling techniques based on DAGs.
This consists of summarizing the existing methodologies, comparing their
features and proposing a taxonomy of the described formalisms. This article
also supports the selection of an ade
http://bugs.xine-project.org/show_bug.cgi?id=224http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlhttp://osvdb.org/53288http://secunia.com/advisories/34593http://secunia.com/advisories/34712http://secunia.com/advisories/35416http://sourceforge.net/project/shownotes.php?group_id=9655&release_id=673233http://www.mandriva.com/security/advisories?name=MDVSA-2009:298http://www.mandriva.com/security/advisories?name=MDVSA-2009:299http://www.securityfocus.com/archive/1/502481/100/0/threadedhttp://www.securityfocus.com/bid/34384http://www.securitytracker.com/id?1021989http://www.trapkit.de/advisories/TKADV2009-005.txthttp://www.vupen.com/english/advisories/2009/0937https://exchange.xforce.ibmcloud.com/vulnerabilities/49714https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00210.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-April/msg00215.htmlhttp://bugs.xine-project.org/show_bug.cgi?id=224http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlhttp://osvdb.org/53288http://secunia.com/advisories/34593http://secunia.com/advisories/34712http://secunia.com/advisories/35416http://sourceforge.net/project/shownotes.php?group_id=9655&release_id=673233http://www.mandriva.com/security/advisories?name=MDVSA-2009:298http://www.mandriva.com/security/advisories?name=MDVSA-2009:299http://www.securityfocus.com/archive/1/502481/100/0/threadedhttp://www.securityfocus.com/bid/34384http://www.securitytracker.com/id?1021989http://www.trapkit.de/advisories/TKADV2009-005.txthttp://www.vupen.com/english/advisories/2009/0937https://exchange.xforce.ibmcloud.com/vulnerabilities/49714https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00210.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-April/msg00215.html
2009-04-08
Published