Oval Definition:oval:org.opensuse.security:def:20085239
Revision Date:2021-08-15Version:1
Title:CVE-2008-5239
Description:

xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not properly handle (a) negative and (b) zero values during unspecified read function calls in input_file.c, input_net.c, input_smb.c, and input_http.c, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via vectors such as (1) a file or (2) an HTTP response, which triggers consequences such as out-of-bounds reads and heap-based buffer overflows.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-5239
Mitre CVE-2008-5239
SUSE CVE-2008-5239
SUSE-SR:2009:004
SUSE-SR:2009:004
Platform(s):Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
Novell Linux Desktop 9 SDK for x86
Novell Linux Desktop 9 SDK for x86_64
openSUSE 10.3
openSUSE 11.0
SLES SDK 9 for IBM iSeries and IBM pSeries
SLES SDK 9 for IBM S/390 and IBM zSeries
SLES SDK 9 for IBM zSeries
SLES SDK 9 for IPF
SLES SDK 9 for x86
SLES SDK 9 for X86-64
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Product(s):
Definition Synopsis
  • sles10-sp2-sdk is installed
  • AND Package Information
  • xine-devel less than 1.1.1-24.43
  • OR xine-extra less than 1.1.1-24.43
  • OR xine-lib-32bit less than 1.1.1-24.43
  • OR xine-lib-64bit less than 1.1.1-24.43
  • OR xine-lib-x86 less than 1.1.1-24.43
  • OR xine-lib less than 1.1.1-24.43
  • OR xine-ui less than 0.99.4-32.39
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • libxine-devel-1.1.15-23.3 is installed
  • OR libxine1-1.1.15-23.3 is installed
  • OR libxine1-32bit-1.1.15-23.3 is installed
  • OR libxine1-gnome-vfs-1.1.15-23.3 is installed
  • OR libxine1-pulse-1.1.15-23.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • libxine-devel-1.1.15-23.3.9 is installed
  • OR libxine1-1.1.15-23.3.9 is installed
  • OR libxine1-32bit-1.1.15-23.3.9 is installed
  • OR libxine1-gnome-vfs-1.1.15-23.3.9 is installed
  • OR libxine1-pulse-1.1.15-23.3.9 is installed
    • BACK