CVE-2008-3231

NONE EPSS 77.4%
Published Jul 18, 200817y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jul 18, 2008 17y ago
Last Modified Jun 16, 2026 2w ago

Description

xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via a crafted OGG file, as demonstrated by playing lol-ffplay.ogg with xine.

Threat Intelligence

EPSS Exploit Probability
77.4% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 38

VendorProductVersionRange
xinexine-lib* ≤1.1.14
xinexine-lib0.9.8any
xinexine-lib0.9.13any
xinexine-lib0.99any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1any
xinexine-lib1.0any
xinexine-lib1.0.1any
xinexine-lib1.0.2any
xinexine-lib1.0.3aany
xinexine-lib1.1.0any
xinexine-lib1.1.1any
xinexine-lib1.1.2any
xinexine-lib1.1.3any
xinexine-lib1.1.4any
xinexine-lib1.1.5any
xinexine-lib1.1.6any
xinexine-lib1.1.7any
xinexine-lib1.1.8any
xinexine-lib1.1.9any
xinexine-lib1.1.9.1any
xinexine-lib1.1.10any
xinexine-lib1.1.10.1any
xinexine-lib1.1.11any
xinexine-lib1.1.11.1any
xinexine-lib1.1.12any
xinexine-lib1.1.13any

References 11

  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
  • secunia.com http://secunia.com/advisories/31827
    Vendor Advisory
  • sourceforge.net http://sourceforge.net/project/shownotes.php?release_id=619869
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2009:020
  • openwall.com http://www.openwall.com/lists/oss-security/2008/07/13/3
  • securityfocus.com http://www.securityfocus.com/bid/30699
    ExploitPatch
  • securitytracker.com http://www.securitytracker.com/id?1020703
  • vupen.com http://www.vupen.com/english/advisories/2008/2382
    Vendor Advisory
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/44040
  • redhat.com https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00174.html
  • redhat.com https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00385.html

Remediation