This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-15 17:58:29 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
3bc5691e-38dd-11da-92f5-020039488e34 | libxine -- format string vulnerability Gentoo Linux Security Advisory reports:
Discovery 2005-10-08 Entry 2005-10-09 libxine < 1.1.0_1 CVE-2005-2967 http://www.gentoo.org/security/en/glsa/glsa-200510-08.xml http://xinehq.de/index.php/security/XSA-2005-1 |
85d76f02-5380-11d9-a9e7-0001020eed82 | mplayer -- multiple vulnerabilities iDEFENSE and the MPlayer Team have found multiple vulnerabilities in MPlayer:
These vulnerabilities could allow a remote attacker to execute arbitrary code as the user running MPlayer. The problem in the pnm streaming code also affects xine. Discovery 2004-12-10 Entry 2004-12-21 Modified 2005-01-12 mplayer mplayer-gtk mplayer-gtk2 mplayer-esound mplayer-gtk-esound mplayer-gtk2-esound < 0.99.5_5 libxine le 1.0.r5_3 CVE-2004-1187 CVE-2004-1188 http://mplayerhq.hu/homepage/design7/news.html#mplayer10pre5try2 http://marc.theaimsgroup.com/?l=bugtraq&m=110322526210300 http://www.idefense.com/application/poi/display?id=166 http://marc.theaimsgroup.com/?l=bugtraq&m=110322829807443 http://www.idefense.com/application/poi/display?id=167 http://marc.theaimsgroup.com/?l=bugtraq&m=110323022605345 http://www.idefense.com/application/poi/display?id=168 http://xinehq.de/index.php/security/XSA-2004-6 |
e8a6a16d-e498-11dc-bb89-000bcdc1757a | libxine -- buffer overflow vulnerability xine Team reports:
Discovery 2007-02-08 Entry 2008-02-26 libxine < 1.1.10.1 CVE-2008-0486 http://www.xinehq.de/index.php/news |
f6bff909-4a26-11db-a4cc-000a48049292 | libmms -- stack-based buffer overflow Mitre CVE reports:
Discovery 2006-05-04 Entry 2006-09-22 libmms < 0.3 libxine < 1.1.1 CVE-2006-2200 18608 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374577 |
1b70bef4-649f-11d9-a30e-000a95bc6fae | libxine -- multiple buffer overflows in RTSP A xine security announcement states:
Discovery 2004-05-25 Entry 2005-01-12 mplayer mplayer-gtk mplayer-gtk2 mplayer-esound mplayer-gtk-esound mplayer-gtk2-esound < 0.99.4 libxine < 1.0.r4 CVE-2004-0433 http://xinehq.de/index.php/security/XSA-2004-3 http://xforce.iss.net/xforce/xfdb/16019 10245 |
e50b04e8-9c55-11d8-9366-0020ed76ef5a | xine-lib arbitrary file overwrite From the xinehq advisory:
The flaw is a result of a feature that allows MRLs (media resource locator URIs) to specify arbitrary configuration options. Discovery 2004-04-20 Entry 2004-05-02 libxine gt 0.9 lt 1.0.r3_5 10193 http://www.xinehq.de/index.php/security/XSA-2004-1 |
107e2ee5-f941-11da-b1fa-020039488e34 | libxine -- buffer overflow vulnerability A Secunia Advisory reports:
Discovery 2006-05-31 Entry 2006-06-11 libxine < 1.1.1_6 http://secunia.com/advisories/20369 CVE-2006-2802 18187 |
51d1d428-42f0-11de-ad22-000e35248ad7 | libxine -- multiple vulnerabilities Multiple vulnerabilities were fixed in libxine 1.1.16.2. Tobias Klein reports:
xine developers report:
Discovery 2009-02-15 Entry 2009-05-17 libxine < 1.1.16.2 CVE-2009-0698 CVE-2008-5234 CVE-2008-5240 http://trapkit.de/advisories/TKADV2009-004.txt http://sourceforge.net/project/shownotes.php?release_id=660071 |
64c8cc2a-59b1-11d9-8a99-000c6e8f12ef | libxine -- buffer-overflow vulnerability in aiff support Due to a buffer overflow in the open_aiff_file function in demux_aiff.c, a remote attacker is able to execute arbitrary code via a modified AIFF file. Discovery 2004-12-15 Entry 2004-12-29 Modified 2005-01-12 libxine le 1.0.r5_3 CVE-2004-1300 http://tigger.uic.edu/~jlongs2/holes/xine-lib.txt http://xinehq.de/index.php/security/XSA-2004-7 |
02eedd3c-c6b5-11dc-93b6-000e35248ad7 | libxine -- buffer overflow vulnerability xine project reports:
Discovery 2008-01-08 Entry 2008-01-19 libxine < 1.1.9.1 CVE-2008-0225 http://aluigi.altervista.org/adv/xinermffhof-adv.txt http://secunia.com/advisories/28384 |
91c606fc-b5d0-11d9-a788-0001020eed82 | mplayer & libxine -- MMS and Real RTSP buffer overflow vulnerabilities A xine security announcement reports:
Discovery 2005-04-16 Entry 2005-04-25 mplayer mplayer-gtk mplayer-gtk2 mplayer-esound mplayer-gtk-esound mplayer-gtk2-esound < 0.99.7 libxine ge 0.9.9 lt 1.0.1 13270 13271 CVE-2005-1195 http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 http://www.mplayerhq.hu/homepage/design7/news.html#vuln11 http://xinehq.de/index.php/security/XSA-2004-8 |
131bd7c4-64a3-11d9-829a-000a95bc6fae | libxine -- DVD subpicture decoder heap overflow A xine security announcement states:
Discovery 2004-09-06 Entry 2005-01-12 Modified 2005-01-19 libxine < 1.0.r6 CVE-2004-1379 http://xinehq.de/index.php/security/XSA-2004-5 |
6ecd0b42-ce77-11dc-89b1-000e35248ad7 | libxine -- buffer overflow vulnerability xine project reports:
Discovery 2008-01-23 Entry 2008-01-29 libxine < 1.1.10 CVE-2006-1664 http://secunia.com/advisories/19853/ |
7a7c5853-10a3-11dd-8eb8-00163e000016 | libxine -- array index vulnerability xine Team reports:
Discovery 2008-04-06 Entry 2008-04-24 libxine < 1.1.12 CVE-2008-1686 http://www.xinehq.de/index.php/news |
48e14d86-42f1-11de-ad22-000e35248ad7 | libxine -- multiple vulnerabilities xine developers report:
Discovery 2009-04-04 Entry 2009-05-17 libxine < 1.1.16.3 CVE-2009-0385 CVE-2009-1274 http://trapkit.de/advisories/TKADV2009-004.txt http://trapkit.de/advisories/TKADV2009-005.txt http://sourceforge.net/project/shownotes.php?release_id=660071 |
1b043693-8617-11db-93b2-000e35248ad7 | libxine -- multiple buffer overflow vulnerabilities The libxine development team reports that several vulnerabilities had been found in the libxine library. The first vulnerability is caused by improper checking of the src/input/libreal/real.c "real_parse_sdp()" function. A remote attacker could exploit this by tricking an user to connect to a preparated server potentially causing a buffer overflow. Another buffer overflow had been found in the libmms library, potentially allowing a remote attacker to cause a denial of service vulnerability, and possible remote code execution through the following functions: send_command, string_utf16, get_data and get_media_packets. Other functions might be affected as well. Discovery 2006-05-04 Entry 2006-12-07 Modified 2006-12-09 libxine < 1.1.3 18608 21435 CVE-2006-2200 CVE-2006-6172 http://sourceforge.net/project/shownotes.php?release_id=468432 |
06eac338-9ddf-11dd-813f-000e35248ad7 | libxine -- denial of service vulnerability xine team reports:
Discovery 2008-07-13 Entry 2008-10-19 libxine < 1.1.15 CVE-2008-3231 http://www.xinehq.de/index.php/news http://xforce.iss.net/xforce/xfdb/44040 |