Source: xine-lib Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xine-lib.
CVE-2008-5241[0]: | Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 | and earlier versions, allows remote attackers to cause a denial of | service (crash) via a crafted media file that results in a small value | of moov_atom_size in a compressed MOV (aka CMOV_ATOM). If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. I can confirm this is not yet fixed. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5241 http://security-tracker.debian.net/tracker/CVE-2008-5241 -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpgZyr4mo4Ma.pgp
Description: PGP signature
