cvelistv5 - CVE-2008-5245

CVE-2008-5245

Vulnerability from cvelistv5

Published

2008-11-26 01:00

Modified

2024-08-07 10:49

Severity ?

Summary

xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c.

References

URL	Tags
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
cve@mitre.org	http://secunia.com/advisories/31502	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1020703
cve@mitre.org	http://sourceforge.net/project/shownotes.php?release_id=619869
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2009:020
cve@mitre.org	http://www.securityfocus.com/bid/30698
cve@mitre.org	http://www.vupen.com/english/advisories/2008/2382
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/44470
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31502	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020703
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/project/shownotes.php?release_id=619869
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:020
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/30698
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2382
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44470

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:49:11.891Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1020703",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1020703"
          },
          {
            "name": "SUSE-SR:2009:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
          },
          {
            "name": "31502",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31502"
          },
          {
            "name": "ADV-2008-2382",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2382"
          },
          {
            "name": "MDVSA-2009:020",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:020"
          },
          {
            "name": "30698",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/30698"
          },
          {
            "name": "xinelib-openvideocapturedevice-bo(44470)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44470"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/project/shownotes.php?release_id=619869"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-08-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1020703",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1020703"
        },
        {
          "name": "SUSE-SR:2009:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
        },
        {
          "name": "31502",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31502"
        },
        {
          "name": "ADV-2008-2382",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2382"
        },
        {
          "name": "MDVSA-2009:020",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:020"
        },
        {
          "name": "30698",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/30698"
        },
        {
          "name": "xinelib-openvideocapturedevice-bo(44470)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44470"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/project/shownotes.php?release_id=619869"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-5245",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1020703",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1020703"
            },
            {
              "name": "SUSE-SR:2009:004",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
            },
            {
              "name": "31502",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31502"
            },
            {
              "name": "ADV-2008-2382",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2382"
            },
            {
              "name": "MDVSA-2009:020",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:020"
            },
            {
              "name": "30698",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/30698"
            },
            {
              "name": "xinelib-openvideocapturedevice-bo(44470)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44470"
            },
            {
              "name": "http://sourceforge.net/project/shownotes.php?release_id=619869",
              "refsource": "CONFIRM",
              "url": "http://sourceforge.net/project/shownotes.php?release_id=619869"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-5245",
    "datePublished": "2008-11-26T01:00:00",
    "dateReserved": "2008-11-25T00:00:00",
    "dateUpdated": "2024-08-07T10:49:11.891Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-5245\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-11-26T01:30:00.687\",\"lastModified\":\"2024-11-21T00:53:39.180\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c.\"},{\"lang\":\"es\",\"value\":\"xine-lib anterior a 1.1.15 realiza marcos de video V4L preasignados antes del establecimiento de la longitud requerida, la cu\u00e1l tiene un impacto y vectores de ataque desconocidos, posiblemente relacionado con un desbordamiento de b\u00fafer en la funci\u00f3n  open_video_capture_device en src/input/input_v4l.c.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"},{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.1.14\",\"matchCriteriaId\":\"5EA01448-09E3-4DA9-A817-BFD7A4460F66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:0.9.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DF7BC3F-20B1-461A-A799-8A77F3D8CC8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc0a:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC32E976-3FB3-44DE-89EE-FF0E89D97090\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"336D216E-5C30-4328-A422-DE134CABA091\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"39B6FDDB-139E-4CAC-A1C9-69E4AB542357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC58298-4DD7-47C4-BFA7-04596B21D646\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc3a:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB72C6CE-4D90-42FD-BFAF-AB31EBC34BF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc3b:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA7BF0D-063D-4FD4-9AF2-69A0DF31579D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc3c:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BEFC0C7-1D8D-421B-B193-8A574AC8C712\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"42736C09-AF59-45F7-A324-2A725F8C0AEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc4a:*:*:*:*:*:*\",\"matchCriteriaId\":\"30F3E90C-01A5-4085-8BA4-B5FA05BEA791\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"91ACDCA2-F0CD-4133-85A1-FC95E703CB90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc6a:*:*:*:*:*:*\",\"matchCriteriaId\":\"58B3AEE5-1A56-464E-9EB2-F06E25FA5D90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEB5AC92-03F5-44F2-89CC-B6E8BA69C55C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1:rc8:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AC68CC2-969C-4596-AA38-AE10BFE1D5BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8D402CB-4DED-4525-AF38-B5EC73C39E55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A905719D-4520-4374-B3A7-55034728B85C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2899EF34-824B-4893-8636-64A83EC5885B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.0.3a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EB8D295-B589-4E88-8FEE-DDD1591D9189\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAB10333-6C25-4359-BB3F-D76468170825\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2377493B-8CC0-414B-AA5F-B7777C852195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"877230F8-6040-4CE3-A882-1290D19D27CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"401AE3C4-3829-487D-B66E-F71705BDD3FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46BF90AB-3B32-4899-8179-BDB9EB449760\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69CE0C90-2DD1-49D2-AE4C-1D21B81EF812\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F2AF7B5-09C3-4E32-B981-E0D9F88E387C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C94CF963-7DA9-455C-BB7E-2EE9AACD6B51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E515D538-80FA-4069-B466-1EC4F84EE5A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64546B22-3230-413A-BE51-E51F54B4A39B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"686115E3-6BC0-4E9E-A0A7-9896F639FDE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFC149FA-B916-4844-AD98-B7827116C803\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2BBF4E9-6090-4ED3-8A12-09396E660505\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA642532-365F-4981-BA09-A56D3628271C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C34F27CC-0D88-42C0-93B4-87C1A4FA3DE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B75F992-1E85-491D-99FF-2ABE4228B88D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1.1.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DFE3B5A-2AF7-4F0B-9364-A06DD19F4BF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C87793C-6577-4E67-BBFD-768FAF1BF88D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFE9819F-A620-41A6-A102-41746457753F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7D6474F-C678-498C-9A61-287E2FDD8B2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06402BDD-77EA-447A-8C34-E1A0F41D0628\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7387773A-81F1-464A-9489-E103C51BED46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A03194CD-2CFA-4F11-90DE-3573BA06B6DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C39D002-E323-423D-8895-9179DFDF6535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73E621C7-A5BA-4D71-9D57-4311360FF3A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B08810F9-377D-49C4-A9A8-E2EE42EDF2F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AA12911-93D8-4DFE-A31C-FEB9E7F7ADD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C13E4FD-A874-4366-A426-19665B43F1DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xine:xine-lib:1_beta12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75965D14-6EFC-4F1D-B343-FD593FB37048\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/31502\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1020703\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sourceforge.net/project/shownotes.php?release_id=619869\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:020\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/30698\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2382\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/44470\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31502\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1020703\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sourceforge.net/project/shownotes.php?release_id=619869\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:020\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/30698\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/2382\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/44470\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

fkie_cve-2008-5245

Vulnerability from fkie_nvd

Published

2008-11-26 01:30

Modified

2024-11-21 00:53

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
cve@mitre.org	http://secunia.com/advisories/31502	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1020703
cve@mitre.org	http://sourceforge.net/project/shownotes.php?release_id=619869
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2009:020
cve@mitre.org	http://www.securityfocus.com/bid/30698
cve@mitre.org	http://www.vupen.com/english/advisories/2008/2382
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/44470
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31502	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1020703
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/project/shownotes.php?release_id=619869
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:020
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/30698
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2382
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44470

Impacted products

Vendor	Product	Version
xine	xine-lib	*
xine	xine-lib	0.9.13
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1
xine	xine-lib	1.0
xine	xine-lib	1.0.1
xine	xine-lib	1.0.2
xine	xine-lib	1.0.3a
xine	xine-lib	1.1.0
xine	xine-lib	1.1.1
xine	xine-lib	1.1.2
xine	xine-lib	1.1.3
xine	xine-lib	1.1.4
xine	xine-lib	1.1.5
xine	xine-lib	1.1.6
xine	xine-lib	1.1.7
xine	xine-lib	1.1.8
xine	xine-lib	1.1.9
xine	xine-lib	1.1.9.1
xine	xine-lib	1.1.10
xine	xine-lib	1.1.10.1
xine	xine-lib	1.1.11
xine	xine-lib	1.1.11.1
xine	xine-lib	1.1.12
xine	xine-lib	1.1.13
xine	xine-lib	1_beta1
xine	xine-lib	1_beta2
xine	xine-lib	1_beta3
xine	xine-lib	1_beta4
xine	xine-lib	1_beta5
xine	xine-lib	1_beta6
xine	xine-lib	1_beta7
xine	xine-lib	1_beta8
xine	xine-lib	1_beta9
xine	xine-lib	1_beta10
xine	xine-lib	1_beta11
xine	xine-lib	1_beta12

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA01448-09E3-4DA9-A817-BFD7A4460F66",
              "versionEndIncluding": "1.1.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:0.9.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DF7BC3F-20B1-461A-A799-8A77F3D8CC8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc0a:*:*:*:*:*:*",
              "matchCriteriaId": "BC32E976-3FB3-44DE-89EE-FF0E89D97090",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "336D216E-5C30-4328-A422-DE134CABA091",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "39B6FDDB-139E-4CAC-A1C9-69E4AB542357",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "CCC58298-4DD7-47C4-BFA7-04596B21D646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc3a:*:*:*:*:*:*",
              "matchCriteriaId": "EB72C6CE-4D90-42FD-BFAF-AB31EBC34BF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc3b:*:*:*:*:*:*",
              "matchCriteriaId": "3AA7BF0D-063D-4FD4-9AF2-69A0DF31579D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc3c:*:*:*:*:*:*",
              "matchCriteriaId": "5BEFC0C7-1D8D-421B-B193-8A574AC8C712",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "42736C09-AF59-45F7-A324-2A725F8C0AEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc4a:*:*:*:*:*:*",
              "matchCriteriaId": "30F3E90C-01A5-4085-8BA4-B5FA05BEA791",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "91ACDCA2-F0CD-4133-85A1-FC95E703CB90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc6a:*:*:*:*:*:*",
              "matchCriteriaId": "58B3AEE5-1A56-464E-9EB2-F06E25FA5D90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc7:*:*:*:*:*:*",
              "matchCriteriaId": "EEB5AC92-03F5-44F2-89CC-B6E8BA69C55C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1:rc8:*:*:*:*:*:*",
              "matchCriteriaId": "5AC68CC2-969C-4596-AA38-AE10BFE1D5BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8D402CB-4DED-4525-AF38-B5EC73C39E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A905719D-4520-4374-B3A7-55034728B85C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2899EF34-824B-4893-8636-64A83EC5885B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.0.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EB8D295-B589-4E88-8FEE-DDD1591D9189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAB10333-6C25-4359-BB3F-D76468170825",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2377493B-8CC0-414B-AA5F-B7777C852195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "877230F8-6040-4CE3-A882-1290D19D27CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "401AE3C4-3829-487D-B66E-F71705BDD3FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46BF90AB-3B32-4899-8179-BDB9EB449760",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "69CE0C90-2DD1-49D2-AE4C-1D21B81EF812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2AF7B5-09C3-4E32-B981-E0D9F88E387C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C94CF963-7DA9-455C-BB7E-2EE9AACD6B51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E515D538-80FA-4069-B466-1EC4F84EE5A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "64546B22-3230-413A-BE51-E51F54B4A39B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "686115E3-6BC0-4E9E-A0A7-9896F639FDE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFC149FA-B916-4844-AD98-B7827116C803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2BBF4E9-6090-4ED3-8A12-09396E660505",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA642532-365F-4981-BA09-A56D3628271C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C34F27CC-0D88-42C0-93B4-87C1A4FA3DE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B75F992-1E85-491D-99FF-2ABE4228B88D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DFE3B5A-2AF7-4F0B-9364-A06DD19F4BF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C87793C-6577-4E67-BBFD-768FAF1BF88D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFE9819F-A620-41A6-A102-41746457753F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7D6474F-C678-498C-9A61-287E2FDD8B2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06402BDD-77EA-447A-8C34-E1A0F41D0628",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7387773A-81F1-464A-9489-E103C51BED46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A03194CD-2CFA-4F11-90DE-3573BA06B6DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C39D002-E323-423D-8895-9179DFDF6535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta8:*:*:*:*:*:*:*",
              "matchCriteriaId": "73E621C7-A5BA-4D71-9D57-4311360FF3A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B08810F9-377D-49C4-A9A8-E2EE42EDF2F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AA12911-93D8-4DFE-A31C-FEB9E7F7ADD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta11:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C13E4FD-A874-4366-A426-19665B43F1DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:xine:xine-lib:1_beta12:*:*:*:*:*:*:*",
              "matchCriteriaId": "75965D14-6EFC-4F1D-B343-FD593FB37048",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c."
    },
    {
      "lang": "es",
      "value": "xine-lib anterior a 1.1.15 realiza marcos de video V4L preasignados antes del establecimiento de la longitud requerida, la cu\u00e1l tiene un impacto y vectores de ataque desconocidos, posiblemente relacionado con un desbordamiento de b\u00fafer en la funci\u00f3n  open_video_capture_device en src/input/input_v4l.c."
    }
  ],
  "id": "CVE-2008-5245",
  "lastModified": "2024-11-21T00:53:39.180",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-11-26T01:30:00.687",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31502"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1020703"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=619869"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:020"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/30698"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/2382"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44470"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31502"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1020703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=619869"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30698"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2382"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44470"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2008-5245

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2008-5245

Aliases

CVE-2008-5245

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-5245",
    "description": "xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c.",
    "id": "GSD-2008-5245",
    "references": [
      "https://www.suse.com/security/cve/CVE-2008-5245.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-5245"
      ],
      "details": "xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c.",
      "id": "GSD-2008-5245",
      "modified": "2023-12-13T01:23:04.800991Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-5245",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1020703",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1020703"
          },
          {
            "name": "SUSE-SR:2009:004",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
          },
          {
            "name": "31502",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/31502"
          },
          {
            "name": "ADV-2008-2382",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/2382"
          },
          {
            "name": "MDVSA-2009:020",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:020"
          },
          {
            "name": "30698",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/30698"
          },
          {
            "name": "xinelib-openvideocapturedevice-bo(44470)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44470"
          },
          {
            "name": "http://sourceforge.net/project/shownotes.php?release_id=619869",
            "refsource": "CONFIRM",
            "url": "http://sourceforge.net/project/shownotes.php?release_id=619869"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc6a:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc3c:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc3b:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.0.3a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc4a:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc0a:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc3a:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1:rc3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:1_beta1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:0.9.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:xine:xine-lib:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.1.14",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-5245"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                },
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "31502",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/31502"
            },
            {
              "name": "1020703",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1020703"
            },
            {
              "name": "http://sourceforge.net/project/shownotes.php?release_id=619869",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://sourceforge.net/project/shownotes.php?release_id=619869"
            },
            {
              "name": "30698",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/30698"
            },
            {
              "name": "MDVSA-2009:020",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:020"
            },
            {
              "name": "SUSE-SR:2009:004",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
            },
            {
              "name": "ADV-2008-2382",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/2382"
            },
            {
              "name": "xinelib-openvideocapturedevice-bo(44470)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44470"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-08-08T01:33Z",
      "publishedDate": "2008-11-26T01:30Z"
    }
  }
}

ghsa-7vpx-rrh6-j6c5

Vulnerability from github

Published

2022-05-17 02:18

Modified

2022-05-17 02:18

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-5245"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-11-26T01:30:00Z",
    "severity": "HIGH"
  },
  "details": "xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c.",
  "id": "GHSA-7vpx-rrh6-j6c5",
  "modified": "2022-05-17T02:18:00Z",
  "published": "2022-05-17T02:18:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5245"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44470"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31502"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1020703"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=619869"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:020"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/30698"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2382"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2008-5245

Vulnerability from cvelistv5

fkie_cve-2008-5245

Vulnerability from fkie_nvd

gsd-2008-5245

Vulnerability from gsd

ghsa-7vpx-rrh6-j6c5

Vulnerability from github

Tags

Sightings

Nomenclature