Ultimi Articoli
- Impossible is Nothing
- Having Fun With Windogs
- A Linksys video and an IGSuite exploit
- A Sneak Preview
- xine-lib NSF Demuxer Buffer Overflow Vulnerability
- Pligg 9.9.0 SQL Injection Vulnerability
- mplayer sdpplin_parse() Array Indexing Vulnerability
- Got sploit, lets patch! kthx.
- Vuln: Web Directory Script 'listing_view.php' SQL I..
-
Web Directory Script 'listing_view.php' SQL Injection Vu..
- Vuln: Multiple Vendor BIOS Keyboard Buffer Password..
-
Multiple Vendor BIOS Keyboard Buffer Password Persistenc..
- Vuln: Pluck 'index.php' Multiple Local File Include..
-
Pluck 'index.php' Multiple Local File Include Vulnerabil..
Categories
Commenti
The sexy side of information security, benvenuti su PornoSecurity!
xine-lib NSF Demuxer Buffer Overflow Vulnerability
Posted on 2008-04-17 12:40:27 in PornoSecurity
I found a stack-based buffer overflow in the NES Sound Format demuxer(demux_nsf.c) of xine-lib <= 1.1.12.
The vulnerability is caused due to a boundary error within the "demux_nsf_send_chunk()" function in src/demuxers/demux_nsf.c and can be exploited to run arbitrary code while processing an NSF file with an overly large NSF title tag.
2008-05-08 14:58:06
sweet : cool shit you got here2008-05-18 18:31:22
k`sOSe: thx2008-05-23 02:36:01
patrik: dewio 4tvun9wnpvrtwjdsoa2008-05-23 12:02:19
k`sOSe: well said patrik! ;)2008-05-23 16:12:11
nopper: w00ting club :)2008-05-23 16:22:50
k`sOSe: yeah indeed, my brotha