CVE-2005-2967
Published: 14 October 2005
Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD.
Priority
Status
Package | Release | Status |
---|---|---|
xine-extracodecs Launchpad, Ubuntu, Debian |
dapper |
Released
(1.1.1+ubuntu1-2)
|
edgy |
Released
(1.1.1+ubuntu1-2)
|
|
feisty |
Released
(1.1.1+ubuntu1-2)
|
|
upstream |
Needs triage
|
|
xine-lib Launchpad, Ubuntu, Debian |
dapper |
Released
(1.1.1+ubuntu2-7.7)
|
edgy |
Released
(1.1.2+repacked1-0ubuntu3.4)
|
|
feisty |
Released
(1.1.4-2ubuntu3)
|
|
upstream |
Needs triage
|