CVE-2004-0433

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2004-0433
Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-lib) before 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Transport (RDT) packets.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://security.gentoo.org/glsa/glsa-200405-24.xml Vendor Advisory
http://www.xinehq.de/index.php/security/XSA-2004-3
https://exchange.xforce.ibmcloud.com/vulnerabilities/16019
http://security.gentoo.org/glsa/glsa-200405-24.xml Vendor Advisory
http://www.xinehq.de/index.php/security/XSA-2004-3
https://exchange.xforce.ibmcloud.com/vulnerabilities/16019
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mplayer:mplayer:1.0_pre3try2:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_beta1:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_beta2:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_beta3:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_beta4:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_beta5:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_beta6:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_beta7:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_beta8:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_beta9:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_beta10:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_beta11:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_rc2:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_rc3a:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_rc3b:*:*:*:*:*:*:*
cpe:2.3:a:xine:xine-lib:1_rc3c:*:*:*:*:*:*:*
History

20 Nov 2024, 23:48

Type Values Removed Values Added
References () http://security.gentoo.org/glsa/glsa-200405-24.xml - Vendor Advisory () http://security.gentoo.org/glsa/glsa-200405-24.xml - Vendor Advisory
References () http://www.xinehq.de/index.php/security/XSA-2004-3 - () http://www.xinehq.de/index.php/security/XSA-2004-3 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/16019 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/16019 -
Information

Published : 2004-08-18 04:00

Updated : 2024-11-20 23:48

NVD link : CVE-2004-0433

Mitre link : CVE-2004-0433

CVE.ORG link : CVE-2004-0433

JSON object : View

Products Affected

xine

  • xine-lib

mplayer

  • mplayer
CWE
NVD-CWE-Other