CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-0254

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1350%
EPSS Percentile3.46th
Published2007年1月16日
Last Modified2026年4月23日

Vulnerability Description

Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors.

Affected Platforms (CPE)

📦
Xine

Xine Ui

All versions

References & Advisories

🔗 http://osvdb.org/31594
🔗 http://secunia.com/advisories/23709
🔗 http://secunia.com/advisories/23891
🔗 http://secunia.com/advisories/23931
🔗 http://security.gentoo.org/glsa/glsa-200701-18.xml
🔗 http://www.mandriva.com/security/advisories?name=MDKSA-2007:027
🔗 http://www.mandriva.com/security/advisories?name=MDKSA-2007:154
🔗 http://www.securityfocus.com/archive/1/456590/100/0/threaded

相關漏洞威脅

CVE-2004-118810.0

The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properl...

CVE-2004-118710.0

Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same cod...

CVE-2004-043310.0

Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-...

CVE-2004-130010.0

Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (libxine) 1-rc7 allows remote attackers to execute arb...