[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

VLC Format String Vulnerability also in XINE

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: VLC Format String Vulnerability also in XINE
From: Sven.Czaja@xxxxxx
Date: 10 Jan 2007 15:15:47 -0000

Hi,

I have read about 
Bugtraq ID: 21852
I tried the demo-exploit from 
http://www.securityfocus.com/data/vulnerabilities/exploits/VLCMediaSlayer-x86.pl
Then I tried to play the file in xine and got ...

This is xine (X11 gui) - a free video player v0.99.4.
(c) 2000-2004 The xine Team.
xiTK received SIGSEGV signal, RIP.
Aborted

My system is an up-to-date SUSE LINUX 10.1 (i586)
I think xine has also this vulnerability.

Regards Sven

Prev by Date: Re: [Full-disclosure] 0trace - traceroute on established connections
Next by Date: [ GLSA 200701-04 ] SeaMonkey: Multiple vulnerabilities
Previous by thread: Re: A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version)
Next by thread: [ GLSA 200701-04 ] SeaMonkey: Multiple vulnerabilities
Index(es):
- Date
- Thread