CVE-2008-5245
Published: 26 November 2008
xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c.
Priority
Status
Package | Release | Status |
---|---|---|
xine-lib Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
(doesn't allocate video frames)
|
gutsy |
Not vulnerable
(doesn't allocate video frames)
|
|
hardy |
Not vulnerable
(doesn't allocate video frames)
|
|
intrepid |
Not vulnerable
(1.1.15-0ubuntu1)
|
|
upstream |
Released
(1.1.15)
|
|
Patches: vendor: http://hg.debian.org/hg/xine-lib/pkg/xine-lib-deb?cmd=changeset;node=b7aa9aacefb0;style=gitweb |