CVE-2007-0654

Publication date 21 March 2007

Last updated 24 July 2024

Ubuntu priority

Integer underflow in X MultiMedia System (xmms) 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
xmms	7.04 feisty	Fixed 1.2.10+20061201-1ubuntu3
	6.10 edgy	Fixed 1.2.10+cvs20060429-1ubuntu2.1
	6.06 LTS dapper	Fixed 1.2.10+cvs20050809-4ubuntu5.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-445-1
XMMS vulnerabilities
27 March 2007

Other references

https://www.cve.org/CVERecord?id=CVE-2007-0654