CVE-2008-5248

Published: 26 November 2008

xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via "MP3 files with metadata consisting only of separators."

Priority

Status

Package	Release	Status
xine-lib Launchpad, Ubuntu, Debian	dapper	Released (1.1.1+ubuntu2-7.10)
	gutsy	Released (1.1.7-1ubuntu1.4)
	hardy	Released (1.1.11.1-1ubuntu3.2)
	intrepid	Not vulnerable (1.1.15-0ubuntu1)
	upstream	Released (1.1.15)

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.