CyberSec.Space Logo
Back to CVE Browser

CVE-2008-5245

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1190%
EPSS Percentile26.99th
PublishedNov 26, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c.

Affected Platforms (CPE)

πŸ“¦
Xine

Xine Lib

<= 1.1.14
πŸ“¦
Xine

Xine Lib

= 0.9.13
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1
πŸ“¦
Xine

Xine Lib

= 1.0
πŸ“¦
Xine

Xine Lib

= 1.0.1
πŸ“¦
Xine

Xine Lib

= 1.0.2
πŸ“¦
Xine

Xine Lib

= 1.0.3a
πŸ“¦
Xine

Xine Lib

= 1.1.0
πŸ“¦
Xine

Xine Lib

= 1.1.1
πŸ“¦
Xine

Xine Lib

= 1.1.2
πŸ“¦
Xine

Xine Lib

= 1.1.3
πŸ“¦
Xine

Xine Lib

= 1.1.4
πŸ“¦
Xine

Xine Lib

= 1.1.5
πŸ“¦
Xine

Xine Lib

= 1.1.6
πŸ“¦
Xine

Xine Lib

= 1.1.7
πŸ“¦
Xine

Xine Lib

= 1.1.8
πŸ“¦
Xine

Xine Lib

= 1.1.9
πŸ“¦
Xine

Xine Lib

= 1.1.9.1
πŸ“¦
Xine

Xine Lib

= 1.1.10
πŸ“¦
Xine

Xine Lib

= 1.1.10.1
πŸ“¦
Xine

Xine Lib

= 1.1.11
πŸ“¦
Xine

Xine Lib

= 1.1.11.1
πŸ“¦
Xine

Xine Lib

= 1.1.12
πŸ“¦
Xine

Xine Lib

= 1.1.13
πŸ“¦
Xine

Xine Lib

= 1_beta1
πŸ“¦
Xine

Xine Lib

= 1_beta2
πŸ“¦
Xine

Xine Lib

= 1_beta3
πŸ“¦
Xine

Xine Lib

= 1_beta4
πŸ“¦
Xine

Xine Lib

= 1_beta5
πŸ“¦
Xine

Xine Lib

= 1_beta6
πŸ“¦
Xine

Xine Lib

= 1_beta7
πŸ“¦
Xine

Xine Lib

= 1_beta8
πŸ“¦
Xine

Xine Lib

= 1_beta9
πŸ“¦
Xine

Xine Lib

= 1_beta10
πŸ“¦
Xine

Xine Lib

= 1_beta11
πŸ“¦
Xine

Xine Lib

= 1_beta12

References & Advisories

πŸ”— http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
πŸ”— http://secunia.com/advisories/31502
πŸ”— http://securitytracker.com/id?1020703
πŸ”— http://sourceforge.net/project/shownotes.php?release_id=619869
πŸ”— http://www.mandriva.com/security/advisories?name=MDVSA-2009:020
πŸ”— http://www.securityfocus.com/bid/30698
πŸ”— http://www.vupen.com/english/advisories/2008/2382
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/44470

Related Vulnerabilities

CVE-2004-130010.0

Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (libxine) 1-rc7 allows remote attackers to execute arb...

CVE-2008-524410.0

Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact and attack vectors related to libfaad. NOTE: due to the la...

CVE-2004-043310.0

Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-...

CVE-2008-523710.0

Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to cause a denial of ...