CVE-2008-1161

Published: 10 March 2008

Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib before 1.1.10.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.

Priority

Medium

Notes

AuthorNote
jdstrand
note that 1.1.11.1-1ubuntu3 fixed a Matroska regression-- may
need both hg.debian.org commits
regression not introduced as part of the security patch

References

Bugs