Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.
Max CVSS
5.0
EPSS Score
9.45%
Published
2006-06-03
Updated
2018-10-03
Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format string specifiers.
Max CVSS
7.5
EPSS Score
11.28%
Published
2005-05-24
Updated
2016-10-18
Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.
Max CVSS
10.0
EPSS Score
5.52%
Published
2005-03-01
Updated
2017-07-11
3 vulnerabilities found